37bbf261819afd6fabb75cb8815d4651e09329ab5cb8fe0b01d376096f195ab6 | Triage

Sharing

General

Target

37bbf261819afd6fabb75cb8815d4651e09329ab5cb8fe0b01d376096f195ab6
Size

30KB
Sample

221123-mwh6jafb77
MD5

7ed898aa2a8b247f7c7a46d71b125ea8
SHA1

b4c2625707fa9088ba093be8ce433454171cbec6
SHA256

37bbf261819afd6fabb75cb8815d4651e09329ab5cb8fe0b01d376096f195ab6
SHA512

8c7fc56be39bcbf9c4b8267ee184237a7ce753fc0f7b6525eb11cf6733ea9bcdf3c021a37ba648e4c50a1404a6ea8e7b69cf82ae9c78cce9b089303501968fd5
SSDEEP

384:8Ya0V/Sfz6O1gSrFhJmhAEEthzTm7Gk3p35G2A3ISV4GWWL7Uepc:8Y5Vu9x6hrCzTmj5G2/2WWLgee

Score

8^/10

Malware Config

Targets

- Target
  
  37bbf261819afd6fabb75cb8815d4651e09329ab5cb8fe0b01d376096f195ab6
- Size
  
  30KB
- MD5
  
  7ed898aa2a8b247f7c7a46d71b125ea8
- SHA1
  
  b4c2625707fa9088ba093be8ce433454171cbec6
- SHA256
  
  37bbf261819afd6fabb75cb8815d4651e09329ab5cb8fe0b01d376096f195ab6
- SHA512
  
  8c7fc56be39bcbf9c4b8267ee184237a7ce753fc0f7b6525eb11cf6733ea9bcdf3c021a37ba648e4c50a1404a6ea8e7b69cf82ae9c78cce9b089303501968fd5
- SSDEEP
  
  384:8Ya0V/Sfz6O1gSrFhJmhAEEthzTm7Gk3p35G2A3ISV4GWWL7Uepc:8Y5Vu9x6hrCzTmj5G2/2WWLgee
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2