db4086c6b6139edf6c93525c3c2510137c68b69f2da289404518f5ae37ebd658 | Triage

Sharing

General

Target

db4086c6b6139edf6c93525c3c2510137c68b69f2da289404518f5ae37ebd658
Size

1.5MB
Sample

221125-mk88ksag48
MD5

535dbfb59dcccc701bd2960a41dd6489
SHA1

5c649624998a03ec8d4bec5b44311147aa06e89b
SHA256

db4086c6b6139edf6c93525c3c2510137c68b69f2da289404518f5ae37ebd658
SHA512

f0e3e196bf24aad2f674b3adc226c657567a13ede477679e8db2f6669fef4a5087b2942c9d39bb9ef38c7a2811e81661c4f49c6b7492902f562bbacd35decda2
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGN:wcZC35VcOcmDcc6CdL

Score

7^/10

Malware Config

Targets

- Target
  
  db4086c6b6139edf6c93525c3c2510137c68b69f2da289404518f5ae37ebd658
- Size
  
  1.5MB
- MD5
  
  535dbfb59dcccc701bd2960a41dd6489
- SHA1
  
  5c649624998a03ec8d4bec5b44311147aa06e89b
- SHA256
  
  db4086c6b6139edf6c93525c3c2510137c68b69f2da289404518f5ae37ebd658
- SHA512
  
  f0e3e196bf24aad2f674b3adc226c657567a13ede477679e8db2f6669fef4a5087b2942c9d39bb9ef38c7a2811e81661c4f49c6b7492902f562bbacd35decda2
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGN:wcZC35VcOcmDcc6CdL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2