5adb2edc61c4d3490f4049e8dbb89690a51d118f5304798eb8019c12aaefec44 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5adb2edc61c4d3490f4049e8dbb89690a51d118f5304798eb8019c12aaefec44
Size

1.5MB
Sample

221125-mw7twsfa3s
MD5

6ff098a0d1c30784462edfe25461ec8d
SHA1

20714f4206acd62db411e5fc6858bac0c55afe05
SHA256

5adb2edc61c4d3490f4049e8dbb89690a51d118f5304798eb8019c12aaefec44
SHA512

7011eed05cec6e567135589df918fc8cc7fa7c1d81d8b29dfc0c27b45a44d2c47074d4f7320173bcd4720c410991c7e59f97ac0202a890140266120c22b9a34d
SSDEEP

24576:hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG2:acZC35VcOcmDcc6CdE

Score

7^/10

Malware Config

Targets

- Target
  
  5adb2edc61c4d3490f4049e8dbb89690a51d118f5304798eb8019c12aaefec44
- Size
  
  1.5MB
- MD5
  
  6ff098a0d1c30784462edfe25461ec8d
- SHA1
  
  20714f4206acd62db411e5fc6858bac0c55afe05
- SHA256
  
  5adb2edc61c4d3490f4049e8dbb89690a51d118f5304798eb8019c12aaefec44
- SHA512
  
  7011eed05cec6e567135589df918fc8cc7fa7c1d81d8b29dfc0c27b45a44d2c47074d4f7320173bcd4720c410991c7e59f97ac0202a890140266120c22b9a34d
- SSDEEP
  
  24576:hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eG2:acZC35VcOcmDcc6CdE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2