d3666cc9c852b6f51c64a3d8ab0c9c753523f14996d61725ab6bdd9a4c620c13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3666cc9c852b6f51c64a3d8ab0c9c753523f14996d61725ab6bdd9a4c620c13
Size

1.5MB
Sample

221125-ml2vwsag88
MD5

13f9cece4e415447973fc09cbe7f77c1
SHA1

1d58a94e2fa657a37b1158e760acc9765f162349
SHA256

d3666cc9c852b6f51c64a3d8ab0c9c753523f14996d61725ab6bdd9a4c620c13
SHA512

97586ed4c002dd30d9a38d1226bfcd5200cc5d78baf67e300e05fd3c675dd3b607cd4d52d86b57f2d336b59a8c9bf0de95b8d39065285e52e552246f1c782dd9
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6Cdh

Score

7^/10

Malware Config

Targets

- Target
  
  d3666cc9c852b6f51c64a3d8ab0c9c753523f14996d61725ab6bdd9a4c620c13
- Size
  
  1.5MB
- MD5
  
  13f9cece4e415447973fc09cbe7f77c1
- SHA1
  
  1d58a94e2fa657a37b1158e760acc9765f162349
- SHA256
  
  d3666cc9c852b6f51c64a3d8ab0c9c753523f14996d61725ab6bdd9a4c620c13
- SHA512
  
  97586ed4c002dd30d9a38d1226bfcd5200cc5d78baf67e300e05fd3c675dd3b607cd4d52d86b57f2d336b59a8c9bf0de95b8d39065285e52e552246f1c782dd9
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6Cdh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2