b64ac5e5b98961d35e7eb98bf139408271a9b4d2020772f7a7c501f18e7413dd | Triage

Sharing

General

Target

b64ac5e5b98961d35e7eb98bf139408271a9b4d2020772f7a7c501f18e7413dd
Size

1.5MB
Sample

221125-mpe6asba67
MD5

06218dd7890bdb358bfe92a116e5fbcd
SHA1

04cc18724eca24882b3a08a1130c07452011220d
SHA256

b64ac5e5b98961d35e7eb98bf139408271a9b4d2020772f7a7c501f18e7413dd
SHA512

cad3ee20ec25d14f40f9bb988d57f1a6307c4acfb20ddded9550669f7fd148706e76d07ce8e904408b0d16040b5c9d8fc196f5fbd9ecd15c8a7d2097e622ecf6
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG5:wcZC35VcOcmDcc6Cdr

Score

7^/10

Malware Config

Targets

- Target
  
  b64ac5e5b98961d35e7eb98bf139408271a9b4d2020772f7a7c501f18e7413dd
- Size
  
  1.5MB
- MD5
  
  06218dd7890bdb358bfe92a116e5fbcd
- SHA1
  
  04cc18724eca24882b3a08a1130c07452011220d
- SHA256
  
  b64ac5e5b98961d35e7eb98bf139408271a9b4d2020772f7a7c501f18e7413dd
- SHA512
  
  cad3ee20ec25d14f40f9bb988d57f1a6307c4acfb20ddded9550669f7fd148706e76d07ce8e904408b0d16040b5c9d8fc196f5fbd9ecd15c8a7d2097e622ecf6
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG5:wcZC35VcOcmDcc6Cdr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2