6307ec00e7e38f608f6b8069062493faeed845a11b70613b835e328ca9fe308f | Triage

Sharing

General

Target

6307ec00e7e38f608f6b8069062493faeed845a11b70613b835e328ca9fe308f
Size

1.5MB
Sample

221125-mwqklseh8z
MD5

476f25a97a19fd094a3315b4a6dd3e4d
SHA1

1324d47876a3c93890a92609a59250aa26ff4f9a
SHA256

6307ec00e7e38f608f6b8069062493faeed845a11b70613b835e328ca9fe308f
SHA512

6bbe8f2cd849a9f984cbe74388390db88925d7eca98e9e094ef136a59b7fb24a4a2b385d8bc9936307cf326a784bdca207dc36d123258e0fc37b18144d3b1e4c
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGl:wcZC35VcOcmDcc6Cd/

Score

7^/10

Malware Config

Targets

- Target
  
  6307ec00e7e38f608f6b8069062493faeed845a11b70613b835e328ca9fe308f
- Size
  
  1.5MB
- MD5
  
  476f25a97a19fd094a3315b4a6dd3e4d
- SHA1
  
  1324d47876a3c93890a92609a59250aa26ff4f9a
- SHA256
  
  6307ec00e7e38f608f6b8069062493faeed845a11b70613b835e328ca9fe308f
- SHA512
  
  6bbe8f2cd849a9f984cbe74388390db88925d7eca98e9e094ef136a59b7fb24a4a2b385d8bc9936307cf326a784bdca207dc36d123258e0fc37b18144d3b1e4c
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGl:wcZC35VcOcmDcc6Cd/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2