f35e941a455b221ed75292eef9216f7a152dc436c97a34e527f24839b196e25b | Triage

Sharing

General

Target

f35e941a455b221ed75292eef9216f7a152dc436c97a34e527f24839b196e25b
Size

1.5MB
Sample

221125-mh9fkaae78
MD5

cb97a55e2d92f4b9e7a40071c04977b8
SHA1

5c9d1e9ae8d424c55cd22ed649409c07863c9e44
SHA256

f35e941a455b221ed75292eef9216f7a152dc436c97a34e527f24839b196e25b
SHA512

ffa73723fe968f97ac523b5d24f05a4119727bdeedf45cdab4bcb36ae91ebbb62f886777a3fac61e1faa9ef39e1ce6e0c3f9e739cb442caf9b464c31afc6304e
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG5:wcZC35VcOcmDcc6Cdj

Score

7^/10

Malware Config

Targets

- Target
  
  f35e941a455b221ed75292eef9216f7a152dc436c97a34e527f24839b196e25b
- Size
  
  1.5MB
- MD5
  
  cb97a55e2d92f4b9e7a40071c04977b8
- SHA1
  
  5c9d1e9ae8d424c55cd22ed649409c07863c9e44
- SHA256
  
  f35e941a455b221ed75292eef9216f7a152dc436c97a34e527f24839b196e25b
- SHA512
  
  ffa73723fe968f97ac523b5d24f05a4119727bdeedf45cdab4bcb36ae91ebbb62f886777a3fac61e1faa9ef39e1ce6e0c3f9e739cb442caf9b464c31afc6304e
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG5:wcZC35VcOcmDcc6Cdj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2