253e58982140cc9190d35af6cb6af08ae036d53bc763ff470b2b482f9bd3598f | Triage

Sharing

General

Target

253e58982140cc9190d35af6cb6af08ae036d53bc763ff470b2b482f9bd3598f
Size

31KB
Sample

221123-mwnq1sfb85
MD5

3324b40b5d213bec291f9f86f0d80f64
SHA1

19742cb8591e590f5cda74a4d409790b113c4d17
SHA256

253e58982140cc9190d35af6cb6af08ae036d53bc763ff470b2b482f9bd3598f
SHA512

85466678a40d656a27d23cf92ec42dd739052643c6646238ca79701ea5edd723720381fc6fa81dff99987b6d29d454f1d3ed2c6672fd66546c0a7a354265a7f3
SSDEEP

384:fVJc80u9sENIErVBx0q/qcRjRncvv1/pNxbHCcsAGqCiYyZtSWwdn:fVJc80NhEVBeiXivN9bHFGGYyZDwdn

Score

8^/10

Malware Config

Targets

- Target
  
  253e58982140cc9190d35af6cb6af08ae036d53bc763ff470b2b482f9bd3598f
- Size
  
  31KB
- MD5
  
  3324b40b5d213bec291f9f86f0d80f64
- SHA1
  
  19742cb8591e590f5cda74a4d409790b113c4d17
- SHA256
  
  253e58982140cc9190d35af6cb6af08ae036d53bc763ff470b2b482f9bd3598f
- SHA512
  
  85466678a40d656a27d23cf92ec42dd739052643c6646238ca79701ea5edd723720381fc6fa81dff99987b6d29d454f1d3ed2c6672fd66546c0a7a354265a7f3
- SSDEEP
  
  384:fVJc80u9sENIErVBx0q/qcRjRncvv1/pNxbHCcsAGqCiYyZtSWwdn:fVJc80NhEVBeiXivN9bHFGGYyZDwdn
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2