General

  • Target

    73a16a05675d1d88a0bd2a71186676a157d0199652d49fb956248f6f588d5408

  • Size

    106KB

  • Sample

    221202-vgmjeaba9s

  • MD5

    c6c9544a87e66808fb5585092674f75f

  • SHA1

    7e2259de46c06d90f3600e1dffc8bf9a79d60a4c

  • SHA256

    73a16a05675d1d88a0bd2a71186676a157d0199652d49fb956248f6f588d5408

  • SHA512

    781b51f52d1d089b1c97b17dc27b1367e86fd35a1d46d3cc43615e21bf90a0227bfb4bfd2dc260a7490947744d1ec316b763fa487f5f7b883bd9b4c482d00d9e

  • SSDEEP

    3072:4paxC4QUaBWW51ayv+19WK193Jm+X1rj9XSjn:unJv+1L93BFj9XC

Score
8/10
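The hash set above is what an analyst carries into a host investigation: the sample is identified by its digests, and the SSDEEP value (block size 3072, followed by the two chunk signatures) allows fuzzy matching against repacked variants. The following is added example code, not part of the sandbox output: it checks that the listed indicators are well-formed, parses the SSDEEP signature and applies ssdeep's block-size compatibility rule, and compares a file's digests against the report. The only data in it comes from the report above; the sample bytes used for the self-check are constructed, not the malware.

```python
import hashlib
import re

# Indicators copied from the report above. The "size" field is omitted because the
# page only gives a rounded "106KB", not an exact byte count.
REPORT = {
    "md5": "c6c9544a87e66808fb5585092674f75f",
    "sha1": "7e2259de46c06d90f3600e1dffc8bf9a79d60a4c",
    "sha256": "73a16a05675d1d88a0bd2a71186676a157d0199652d49fb956248f6f588d5408",
    "sha512": "781b51f52d1d089b1c97b17dc27b1367e86fd35a1d46d3cc43615e21bf90a022"
              "7bfb4bfd2dc260a7490947744d1ec316b763fa487f5f7b883bd9b4c482d00d9e",
    "ssdeep": "3072:4paxC4QUaBWW51ayv+19WK193Jm+X1rj9XSjn:unJv+1L93BFj9XC",
}

# Expected hex-digest lengths; a truncated or mistyped hash is a common IoC-feed bug.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_ssdeep(sig):
    """Split an ssdeep signature into (block_size, chunk_sig, double_chunk_sig)."""
    parts = sig.split(":")
    if len(parts) != 3 or not parts[0].isdigit() or not parts[1] or not parts[2]:
        raise ValueError("signature must look like blocksize:hash1:hash2")
    return int(parts[0]), parts[1], parts[2]


def ssdeep_comparable(sig_a, sig_b):
    """ssdeep only scores two signatures whose block sizes are equal or differ by 2x;
    anything else compares as 0 regardless of content, so check this before matching."""
    bs_a = parse_ssdeep(sig_a)[0]
    bs_b = parse_ssdeep(sig_b)[0]
    return bs_a == bs_b or bs_a == 2 * bs_b or bs_b == 2 * bs_a


def validate_indicators(report):
    """Return a list of problems with the indicator fields (empty list = all well-formed)."""
    problems = []
    for algo, length in DIGEST_HEX_LEN.items():
        value = report.get(algo, "")
        if not re.fullmatch(r"[0-9a-f]{%d}" % length, value):
            problems.append(f"{algo}: expected {length} lowercase hex characters")
    try:
        parse_ssdeep(report.get("ssdeep", ""))
    except ValueError as exc:
        problems.append(f"ssdeep: {exc}")
    return problems


def compute_digests(data):
    """Compute the four cryptographic digests the report lists, in one pass each."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_HEX_LEN}


def match_report(data, report=REPORT):
    """Compare a file's digests with the report.
    Returns (is_match, list_of_mismatched_algorithms); a partial mismatch usually
    means a transcription error in the indicator set rather than a different file."""
    actual = compute_digests(data)
    mismatched = [algo for algo in DIGEST_HEX_LEN if actual[algo] != report[algo]]
    return not mismatched, mismatched


def match_file(path, report=REPORT):
    """Convenience wrapper for a file on disk."""
    with open(path, "rb") as fh:
        return match_report(fh.read(), report)


if __name__ == "__main__":
    print("indicator problems:", validate_indicators(REPORT))
    print("ssdeep block size:", parse_ssdeep(REPORT["ssdeep"])[0])
    sample = b"constructed test bytes, not the malware"  # constructed input
    print("constructed bytes match report:", match_report(sample))
```

Run it against a quarantined file with `match_file("C:\\quarantine\\suspect.bin")`. Exact digests confirm identity; for near-variants, pass the file's ssdeep signature through `ssdeep_comparable` first, since a block size that is neither equal to nor double/half of 3072 cannot score against the report's signature at all.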

Targets

    The single target is the submitted file itself (SHA256 73a16a05675d1d88a0bd2a71186676a157d0199652d49fb956248f6f588d5408, 106KB); its full hash set is listed under General. Score: 8/10.

    • Executes dropped EXE

      The sample writes an executable to disk during analysis and runs it.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence: a common way for malware to refuse to run on machines in certain locales, so an analysis VM with the "wrong" locale may see no payload at all.

    • Loads dropped DLL

      A DLL written by the sample during analysis is loaded into a process.

    • Suspicious use of SetThreadContext

      Rewriting another thread's register context is the usual final step of process hollowing and thread hijacking, which is why the sandbox flags this API; together with the dropped EXE and DLL it is a strong code-injection indicator.
