239a82bc7084c8a4e78f655be9b0df2cbfd714cba119253a625544ba2693ab37 | Triage

Sharing

General

Target

239a82bc7084c8a4e78f655be9b0df2cbfd714cba119253a625544ba2693ab37
Size

1.5MB
Sample

221125-m1n8cafc3w
MD5

cb4274cd1a76071e7abc516a4f411b5d
SHA1

767a949a1947347f150f0acca6a3d508e4890bca
SHA256

239a82bc7084c8a4e78f655be9b0df2cbfd714cba119253a625544ba2693ab37
SHA512

b0e5b3b74c603c8fe19821b55ada4a2356816d4c5349c522cd1d0761f448d4b56f031ffb838af718fab616983327a4dee9e29bf6b3581d0b2baacc65c0ad1b8c
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGH:wcZC35VcOcmDcc6Cd5

Score

7^/10

Malware Config

Targets

- Target
  
  239a82bc7084c8a4e78f655be9b0df2cbfd714cba119253a625544ba2693ab37
- Size
  
  1.5MB
- MD5
  
  cb4274cd1a76071e7abc516a4f411b5d
- SHA1
  
  767a949a1947347f150f0acca6a3d508e4890bca
- SHA256
  
  239a82bc7084c8a4e78f655be9b0df2cbfd714cba119253a625544ba2693ab37
- SHA512
  
  b0e5b3b74c603c8fe19821b55ada4a2356816d4c5349c522cd1d0761f448d4b56f031ffb838af718fab616983327a4dee9e29bf6b3581d0b2baacc65c0ad1b8c
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGH:wcZC35VcOcmDcc6Cd5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2