e8883453f6380020b8929448508092e25ef0f925ac86332f54685e12005bb0e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8883453f6380020b8929448508092e25ef0f925ac86332f54685e12005bb0e5
Size

302KB
Sample

221021-c6jjyaghfq
MD5

443f070e8ea67b968377f948ef9aa7ed
SHA1

7c1d89d29a17cb65582de6c199c1fd810643d597
SHA256

e8883453f6380020b8929448508092e25ef0f925ac86332f54685e12005bb0e5
SHA512

2a8a6e835703fffcf0e1fd2365ad74cdd28a1edf217603d9c703699bfd55c28d0cc7fa8d3e045bb5728544fa62ff1b80c7db1d2bb3d8a71bcf81e98189c3c15f
SSDEEP

6144:JhrR4NSbuIW6YQ4rO2crD12pfwIq0huIKF7fdCUdeGxBgL:Jh1qSfWtQ52cP12pxihF7hegBc

Score

7^/10

Malware Config

Targets

- Target
  
  e8883453f6380020b8929448508092e25ef0f925ac86332f54685e12005bb0e5
- Size
  
  302KB
- MD5
  
  443f070e8ea67b968377f948ef9aa7ed
- SHA1
  
  7c1d89d29a17cb65582de6c199c1fd810643d597
- SHA256
  
  e8883453f6380020b8929448508092e25ef0f925ac86332f54685e12005bb0e5
- SHA512
  
  2a8a6e835703fffcf0e1fd2365ad74cdd28a1edf217603d9c703699bfd55c28d0cc7fa8d3e045bb5728544fa62ff1b80c7db1d2bb3d8a71bcf81e98189c3c15f
- SSDEEP
  
  6144:JhrR4NSbuIW6YQ4rO2crD12pfwIq0huIKF7fdCUdeGxBgL:Jh1qSfWtQ52cP12pxihF7hegBc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2