78f4029a6736d448bd7ad92a0a94754e80dec8a27f0be8f8689ea58210677152 | Triage

Sharing

General

Target

78f4029a6736d448bd7ad92a0a94754e80dec8a27f0be8f8689ea58210677152
Size

32KB
Sample

221123-mwpnbafb86
MD5

2cf817952883313ef3635569720dcbc0
SHA1

eac3afa4e4d0ee2d6a20e3ce8ae54463b7a23179
SHA256

78f4029a6736d448bd7ad92a0a94754e80dec8a27f0be8f8689ea58210677152
SHA512

bbe72539bdb123bd3337b626bbff6178014ae98556c022197701cbee0edf63a825235882cef4f64022fb4bf2cd6d74e6e4104eb2b4e799821a1fa1d39a8d7d74
SSDEEP

384:zB1jprsW8cCCpKlOIEgKv427jOpBLnzQr6D6GpCwKVw5Dnw:zB1dswKldrKvhCVQGRCwF

Score

8^/10

Malware Config

Targets

- Target
  
  78f4029a6736d448bd7ad92a0a94754e80dec8a27f0be8f8689ea58210677152
- Size
  
  32KB
- MD5
  
  2cf817952883313ef3635569720dcbc0
- SHA1
  
  eac3afa4e4d0ee2d6a20e3ce8ae54463b7a23179
- SHA256
  
  78f4029a6736d448bd7ad92a0a94754e80dec8a27f0be8f8689ea58210677152
- SHA512
  
  bbe72539bdb123bd3337b626bbff6178014ae98556c022197701cbee0edf63a825235882cef4f64022fb4bf2cd6d74e6e4104eb2b4e799821a1fa1d39a8d7d74
- SSDEEP
  
  384:zB1jprsW8cCCpKlOIEgKv427jOpBLnzQr6D6GpCwKVw5Dnw:zB1dswKldrKvhCVQGRCwF
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2