717f0e27d80a58d7cd9dbba4460efce546c68e6cd5e17e6bc604e0f596b7e311 | Triage

Sharing

General

Target

717f0e27d80a58d7cd9dbba4460efce546c68e6cd5e17e6bc604e0f596b7e311
Size

1.5MB
Sample

221125-mvag1abd78
MD5

f91c4e92d892e7f886ab7e42701a3426
SHA1

fd82d7112e6b69876a4d13fbda9c913435c9fb72
SHA256

717f0e27d80a58d7cd9dbba4460efce546c68e6cd5e17e6bc604e0f596b7e311
SHA512

8e46ecf8c7369f33297116f634d71e4bfa8b88c1af4d72bc8040cb4c99a302e9819aa42a8be322d280021757ed09c1a1af884d0fecabcd97109e550626d00d48
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGe:wcZC35VcOcmDcc6CdI

Score

7^/10

Malware Config

Targets

- Target
  
  717f0e27d80a58d7cd9dbba4460efce546c68e6cd5e17e6bc604e0f596b7e311
- Size
  
  1.5MB
- MD5
  
  f91c4e92d892e7f886ab7e42701a3426
- SHA1
  
  fd82d7112e6b69876a4d13fbda9c913435c9fb72
- SHA256
  
  717f0e27d80a58d7cd9dbba4460efce546c68e6cd5e17e6bc604e0f596b7e311
- SHA512
  
  8e46ecf8c7369f33297116f634d71e4bfa8b88c1af4d72bc8040cb4c99a302e9819aa42a8be322d280021757ed09c1a1af884d0fecabcd97109e550626d00d48
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGe:wcZC35VcOcmDcc6CdI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2