d976bb92215d8bf2cee0ec0e7fc3c65630ca336fc85f0be0dd643a03256e329b | Triage

Sharing

General

Target

d976bb92215d8bf2cee0ec0e7fc3c65630ca336fc85f0be0dd643a03256e329b
Size

1.5MB
Sample

221125-mljpbaag64
MD5

0af89b189ce9799565ac8fc8016e9787
SHA1

c723a51753916743dd1a1d99641c5d9d255c85d5
SHA256

d976bb92215d8bf2cee0ec0e7fc3c65630ca336fc85f0be0dd643a03256e329b
SHA512

240172d1fee83bd7cffccaaa5616ba105f85157e6cbd668690f59b41d5798974b4292201434c01e04cc4da03763c0c351295f3333f75f39c3428e6aa71770390
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6CdV

Score

7^/10

Malware Config

Targets

- Target
  
  d976bb92215d8bf2cee0ec0e7fc3c65630ca336fc85f0be0dd643a03256e329b
- Size
  
  1.5MB
- MD5
  
  0af89b189ce9799565ac8fc8016e9787
- SHA1
  
  c723a51753916743dd1a1d99641c5d9d255c85d5
- SHA256
  
  d976bb92215d8bf2cee0ec0e7fc3c65630ca336fc85f0be0dd643a03256e329b
- SHA512
  
  240172d1fee83bd7cffccaaa5616ba105f85157e6cbd668690f59b41d5798974b4292201434c01e04cc4da03763c0c351295f3333f75f39c3428e6aa71770390
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6CdV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2