dbd17910b2d6110a62995d2c9fe3e4a5b5f8daed1e21f728bd823d10fd11c2a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbd17910b2d6110a62995d2c9fe3e4a5b5f8daed1e21f728bd823d10fd11c2a1
Size

1.5MB
Sample

221125-mk4yvsec2w
MD5

dff267a11ca1c87da9d3782bd7f627af
SHA1

b385cab0fd926fbee16a86d540b74b4c9b0c295d
SHA256

dbd17910b2d6110a62995d2c9fe3e4a5b5f8daed1e21f728bd823d10fd11c2a1
SHA512

f659a090bda5b51f09080a34b5c954e8aad5e6e6d06bf7d1986dbb5f3ea0139e0a2ceebad8a7e956edc1cbe119489623633b555ff9b68953a8bc1b0e4b698c25
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGD:wcZC35VcOcmDcc6Cdp

Score

7^/10

Malware Config

Targets

- Target
  
  dbd17910b2d6110a62995d2c9fe3e4a5b5f8daed1e21f728bd823d10fd11c2a1
- Size
  
  1.5MB
- MD5
  
  dff267a11ca1c87da9d3782bd7f627af
- SHA1
  
  b385cab0fd926fbee16a86d540b74b4c9b0c295d
- SHA256
  
  dbd17910b2d6110a62995d2c9fe3e4a5b5f8daed1e21f728bd823d10fd11c2a1
- SHA512
  
  f659a090bda5b51f09080a34b5c954e8aad5e6e6d06bf7d1986dbb5f3ea0139e0a2ceebad8a7e956edc1cbe119489623633b555ff9b68953a8bc1b0e4b698c25
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGD:wcZC35VcOcmDcc6Cdp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2