d72faec14c3eefdd918b021fd7d244fd0d25e823a0d93c720bff5b5e592cade8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72faec14c3eefdd918b021fd7d244fd0d25e823a0d93c720bff5b5e592cade8
Size

199KB
Sample

221203-phfvcsaa84
MD5

759c548bc3adf75d1e4cff5e795415ec
SHA1

a622ff30e5672e9cfac77f2c3816e1235858cbcd
SHA256

d72faec14c3eefdd918b021fd7d244fd0d25e823a0d93c720bff5b5e592cade8
SHA512

5e0a2a66ad66bb124373e02f7ded5d73a915c0055f718a37cab378b8566f992f823961aa0a87f278ccd6e7fc8931121d66de0b459277dcddfb155a3d0b39df7c
SSDEEP

3072:bGeovzQQQL8ghej78NPD4EsoeLE3jr0q6FUn+yPU3NWhj2e7s:bAvzQBTNP52okqb+6IM2ks

Score

7^/10

Malware Config

Targets

- Target
  
  d72faec14c3eefdd918b021fd7d244fd0d25e823a0d93c720bff5b5e592cade8
- Size
  
  199KB
- MD5
  
  759c548bc3adf75d1e4cff5e795415ec
- SHA1
  
  a622ff30e5672e9cfac77f2c3816e1235858cbcd
- SHA256
  
  d72faec14c3eefdd918b021fd7d244fd0d25e823a0d93c720bff5b5e592cade8
- SHA512
  
  5e0a2a66ad66bb124373e02f7ded5d73a915c0055f718a37cab378b8566f992f823961aa0a87f278ccd6e7fc8931121d66de0b459277dcddfb155a3d0b39df7c
- SSDEEP
  
  3072:bGeovzQQQL8ghej78NPD4EsoeLE3jr0q6FUn+yPU3NWhj2e7s:bAvzQBTNP52okqb+6IM2ks
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2