1ba82acca83586ba525deb4c6ef92351460fa082d9c3c204813a19daf97ba4b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ba82acca83586ba525deb4c6ef92351460fa082d9c3c204813a19daf97ba4b0
Size

1.5MB
Sample

221125-m18lzsbh97
MD5

b32a0e82e75d6f358e61e79f6f2949c2
SHA1

a402fa9a280e811f7cab79ee9a6c94b859a9b38c
SHA256

1ba82acca83586ba525deb4c6ef92351460fa082d9c3c204813a19daf97ba4b0
SHA512

d80b018c0b31e35471a7d1cadfd3f555485bee7993f088b2b8bd9fe111d97e7a5b378870a72a21aeb85f510e10e2c40ea1d712b6cc01a47c64dc9502e7aadc4e
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGb:wcZC35VcOcmDcc6CdF

Score

7^/10

Malware Config

Targets

- Target
  
  1ba82acca83586ba525deb4c6ef92351460fa082d9c3c204813a19daf97ba4b0
- Size
  
  1.5MB
- MD5
  
  b32a0e82e75d6f358e61e79f6f2949c2
- SHA1
  
  a402fa9a280e811f7cab79ee9a6c94b859a9b38c
- SHA256
  
  1ba82acca83586ba525deb4c6ef92351460fa082d9c3c204813a19daf97ba4b0
- SHA512
  
  d80b018c0b31e35471a7d1cadfd3f555485bee7993f088b2b8bd9fe111d97e7a5b378870a72a21aeb85f510e10e2c40ea1d712b6cc01a47c64dc9502e7aadc4e
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGb:wcZC35VcOcmDcc6CdF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2