6f16b0c642029f4afc994b19432c3e4854a27b22866573d321cecf40de0d462e | Triage

Sharing

General

Target

6f16b0c642029f4afc994b19432c3e4854a27b22866573d321cecf40de0d462e
Size

1.5MB
Sample

221125-mvglbabd89
MD5

13464e474526f606a66fb560e9ef34f9
SHA1

60d14b3357e690c3fb3bcd524f75fdfc705b6bcb
SHA256

6f16b0c642029f4afc994b19432c3e4854a27b22866573d321cecf40de0d462e
SHA512

28c4642e994725f14c038f84b51d03195bc1f821d4adbc169427f3dfd7e286d05af7e1428d130543880ab219c67a9b55f8002cd9f8dff391e1d83e8d08ed10d0
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG9:wcZC35VcOcmDcc6Cdr

Score

7^/10

Malware Config

Targets

- Target
  
  6f16b0c642029f4afc994b19432c3e4854a27b22866573d321cecf40de0d462e
- Size
  
  1.5MB
- MD5
  
  13464e474526f606a66fb560e9ef34f9
- SHA1
  
  60d14b3357e690c3fb3bcd524f75fdfc705b6bcb
- SHA256
  
  6f16b0c642029f4afc994b19432c3e4854a27b22866573d321cecf40de0d462e
- SHA512
  
  28c4642e994725f14c038f84b51d03195bc1f821d4adbc169427f3dfd7e286d05af7e1428d130543880ab219c67a9b55f8002cd9f8dff391e1d83e8d08ed10d0
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG9:wcZC35VcOcmDcc6Cdr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2