06affa1f97ef2825105ff49043a7c65b09ef154194b51402e5e8072dbadfbfa9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06affa1f97ef2825105ff49043a7c65b09ef154194b51402e5e8072dbadfbfa9
Size

1.5MB
Sample

221123-wzqt8add29
MD5

3e79a0974450db19c5aaedb6417abbce
SHA1

cc500a243549e723f37872df412684575b3fa370
SHA256

06affa1f97ef2825105ff49043a7c65b09ef154194b51402e5e8072dbadfbfa9
SHA512

1f9d6378737fb0430ddc586c6cd4aae12dca11d3ff6cfb826609ab236b2076a3698b4a151ffab6bd6d6f8453bf0bee09b993df1041a4a0dcb47bfbee6069a14e
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG7:wcZC35VcOcmDcc6Cdl

Score

7^/10

Malware Config

Targets

- Target
  
  06affa1f97ef2825105ff49043a7c65b09ef154194b51402e5e8072dbadfbfa9
- Size
  
  1.5MB
- MD5
  
  3e79a0974450db19c5aaedb6417abbce
- SHA1
  
  cc500a243549e723f37872df412684575b3fa370
- SHA256
  
  06affa1f97ef2825105ff49043a7c65b09ef154194b51402e5e8072dbadfbfa9
- SHA512
  
  1f9d6378737fb0430ddc586c6cd4aae12dca11d3ff6cfb826609ab236b2076a3698b4a151ffab6bd6d6f8453bf0bee09b993df1041a4a0dcb47bfbee6069a14e
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG7:wcZC35VcOcmDcc6Cdl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2