87786a5cc29f81e11e18160e35d23050a6951e901d3eb8e6e3cca4a59d308f4c | Triage

Sharing

General

Target

87786a5cc29f81e11e18160e35d23050a6951e901d3eb8e6e3cca4a59d308f4c
Size

1.5MB
Sample

221125-mswx8aeg4s
MD5

5872e4c4b0f20458c83c376735249f0a
SHA1

63a6bf3713b734874c3719fc615d848964fdc4fb
SHA256

87786a5cc29f81e11e18160e35d23050a6951e901d3eb8e6e3cca4a59d308f4c
SHA512

bdada0c19419f7faa352724ed73590cfe0e842c8fdbb42ca646604500b942860e58071f136d9ad59c5725f2b6bbc8e441aa4e5cc472f2b223c8f457f43dbde42
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG1:wcZC35VcOcmDcc6CdL

Score

7^/10

Malware Config

Targets

- Target
  
  87786a5cc29f81e11e18160e35d23050a6951e901d3eb8e6e3cca4a59d308f4c
- Size
  
  1.5MB
- MD5
  
  5872e4c4b0f20458c83c376735249f0a
- SHA1
  
  63a6bf3713b734874c3719fc615d848964fdc4fb
- SHA256
  
  87786a5cc29f81e11e18160e35d23050a6951e901d3eb8e6e3cca4a59d308f4c
- SHA512
  
  bdada0c19419f7faa352724ed73590cfe0e842c8fdbb42ca646604500b942860e58071f136d9ad59c5725f2b6bbc8e441aa4e5cc472f2b223c8f457f43dbde42
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG1:wcZC35VcOcmDcc6CdL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2