9f2aa19859e7824997584bd1898d0bb5d9343ae7f23bdf3b43741316833820db | Triage

Sharing

General

Target

9f2aa19859e7824997584bd1898d0bb5d9343ae7f23bdf3b43741316833820db
Size

1.5MB
Sample

221125-mrcsysbb86
MD5

954872d5793b3b6449693086b4b29438
SHA1

955cd03c84e85cc1da36dafa1de2807d09fb4086
SHA256

9f2aa19859e7824997584bd1898d0bb5d9343ae7f23bdf3b43741316833820db
SHA512

6cd16267c3c1e45ac9917e1c6cbe49ac606de52d131e8cc1793d12ea93c70a6e5627f1e4571fea101929bf5a0945e157cf3d20f0ca105f7a7adabd38d3a7be01
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6Cdt

Score

7^/10

Malware Config

Targets

- Target
  
  9f2aa19859e7824997584bd1898d0bb5d9343ae7f23bdf3b43741316833820db
- Size
  
  1.5MB
- MD5
  
  954872d5793b3b6449693086b4b29438
- SHA1
  
  955cd03c84e85cc1da36dafa1de2807d09fb4086
- SHA256
  
  9f2aa19859e7824997584bd1898d0bb5d9343ae7f23bdf3b43741316833820db
- SHA512
  
  6cd16267c3c1e45ac9917e1c6cbe49ac606de52d131e8cc1793d12ea93c70a6e5627f1e4571fea101929bf5a0945e157cf3d20f0ca105f7a7adabd38d3a7be01
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGP:wcZC35VcOcmDcc6Cdt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2