0f4cd7f50dbf755813cf656377f388ea34e7a4498007694685547e94e8bc5d52 | Triage

Sharing

General

Target

0f4cd7f50dbf755813cf656377f388ea34e7a4498007694685547e94e8bc5d52
Size

1.5MB
Sample

221125-m29wfaca73
MD5

282980fa52ec9fbc047c6cc2529b317d
SHA1

a1c50e19cee8cde96fe4197c4c949ecbca1afbc4
SHA256

0f4cd7f50dbf755813cf656377f388ea34e7a4498007694685547e94e8bc5d52
SHA512

530fc19dd0025fbe0a53b428401a41e9bbb8e93aa3c4295111fb5571e7285664479aab0b2e09a72ba4ba3626ce1a185824f40bf7fd12cea5aac356bb31ef1991
SSDEEP

24576:3pa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG:AcZC35VcOcmDcc6Cd

Score

7^/10

Malware Config

Targets

- Target
  
  0f4cd7f50dbf755813cf656377f388ea34e7a4498007694685547e94e8bc5d52
- Size
  
  1.5MB
- MD5
  
  282980fa52ec9fbc047c6cc2529b317d
- SHA1
  
  a1c50e19cee8cde96fe4197c4c949ecbca1afbc4
- SHA256
  
  0f4cd7f50dbf755813cf656377f388ea34e7a4498007694685547e94e8bc5d52
- SHA512
  
  530fc19dd0025fbe0a53b428401a41e9bbb8e93aa3c4295111fb5571e7285664479aab0b2e09a72ba4ba3626ce1a185824f40bf7fd12cea5aac356bb31ef1991
- SSDEEP
  
  24576:3pa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG:AcZC35VcOcmDcc6Cd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2