115c2518419cbe9e1f9a91857833e00d5579c69a93f7f43701814b1a87a2aa47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

115c2518419cbe9e1f9a91857833e00d5579c69a93f7f43701814b1a87a2aa47
Size

1.5MB
Sample

221125-m28clsca69
MD5

f7109a5af91158d7cfc0ed86e18d0b9b
SHA1

6f1dae4da4fa9c3dff43925469cf19e7e9f3734e
SHA256

115c2518419cbe9e1f9a91857833e00d5579c69a93f7f43701814b1a87a2aa47
SHA512

e1a6c7abf04267de24c57402d66cd8a066bf4abb2d329549853cd7fdd649846ee642bf005b0a488d76addb39d0984ea334a91c306a792ff703e84921981e0fc8
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGD:wcZC35VcOcmDcc6CdB

Score

7^/10

Malware Config

Targets

- Target
  
  115c2518419cbe9e1f9a91857833e00d5579c69a93f7f43701814b1a87a2aa47
- Size
  
  1.5MB
- MD5
  
  f7109a5af91158d7cfc0ed86e18d0b9b
- SHA1
  
  6f1dae4da4fa9c3dff43925469cf19e7e9f3734e
- SHA256
  
  115c2518419cbe9e1f9a91857833e00d5579c69a93f7f43701814b1a87a2aa47
- SHA512
  
  e1a6c7abf04267de24c57402d66cd8a066bf4abb2d329549853cd7fdd649846ee642bf005b0a488d76addb39d0984ea334a91c306a792ff703e84921981e0fc8
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGD:wcZC35VcOcmDcc6CdB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2