36a4e4efaf7908791ed3032e66eeee10cf38a77e0a69bf71e187e0f9b17fdfbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36a4e4efaf7908791ed3032e66eeee10cf38a77e0a69bf71e187e0f9b17fdfbc
Size

1.5MB
Sample

221125-mze82sbg76
MD5

2e82c36518485c5156e0e73a81a35743
SHA1

67093d59f526e0c99b850f3501ed965d3744d0b1
SHA256

36a4e4efaf7908791ed3032e66eeee10cf38a77e0a69bf71e187e0f9b17fdfbc
SHA512

c25f3d2f119733a033bafbd03fbd80f697796b1c94570eeda3d80be74dc9e4402612d59c7d9f71719c52fe562d6edd61a31e4ac96b19ce42a7e66ce816b609a1
SSDEEP

24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGl:wcZC35VcOcmDcc6Cdn

Score

7^/10

Malware Config

Targets

- Target
  
  36a4e4efaf7908791ed3032e66eeee10cf38a77e0a69bf71e187e0f9b17fdfbc
- Size
  
  1.5MB
- MD5
  
  2e82c36518485c5156e0e73a81a35743
- SHA1
  
  67093d59f526e0c99b850f3501ed965d3744d0b1
- SHA256
  
  36a4e4efaf7908791ed3032e66eeee10cf38a77e0a69bf71e187e0f9b17fdfbc
- SHA512
  
  c25f3d2f119733a033bafbd03fbd80f697796b1c94570eeda3d80be74dc9e4402612d59c7d9f71719c52fe562d6edd61a31e4ac96b19ce42a7e66ce816b609a1
- SSDEEP
  
  24576:Hpa/O74CNt3r2J2FC3eUldZUJ3OlKU4UDcc6Cy+9eGl:wcZC35VcOcmDcc6Cdn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2