b62791b9f59102b747b4100235e8ec2a128a61e745cab8f143dd7722a2afff96 | Triage

Sharing

General

Target

b62791b9f59102b747b4100235e8ec2a128a61e745cab8f143dd7722a2afff96
Size

237KB
Sample

221123-zjmz6sga9t
MD5

890dea3912c5b8ca265724d63a857785
SHA1

4cfd25004f97d07c0509b72d4c8e31769bb01528
SHA256

b62791b9f59102b747b4100235e8ec2a128a61e745cab8f143dd7722a2afff96
SHA512

cdcfddf5bf3f738f0e8772c883f92f9261d9d81ff033075e67686d41d31a3d472e4432f51921e58173f4424d7a24ac2b37b66bf916422c59ec34964defd2d89b
SSDEEP

6144:J1O+GaAr5UmGV/7QJ2A6XtbTEbEgyAXwU:JU+BmGV1A6XxEbEg8

Score

7^/10

Malware Config

Targets

- Target
  
  b62791b9f59102b747b4100235e8ec2a128a61e745cab8f143dd7722a2afff96
- Size
  
  237KB
- MD5
  
  890dea3912c5b8ca265724d63a857785
- SHA1
  
  4cfd25004f97d07c0509b72d4c8e31769bb01528
- SHA256
  
  b62791b9f59102b747b4100235e8ec2a128a61e745cab8f143dd7722a2afff96
- SHA512
  
  cdcfddf5bf3f738f0e8772c883f92f9261d9d81ff033075e67686d41d31a3d472e4432f51921e58173f4424d7a24ac2b37b66bf916422c59ec34964defd2d89b
- SSDEEP
  
  6144:J1O+GaAr5UmGV/7QJ2A6XtbTEbEgyAXwU:JU+BmGV1A6XxEbEg8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2