e24703edbc71118dc2a21a1d145147cea8be45a0895283f2cb0fee596a753a05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e24703edbc71118dc2a21a1d145147cea8be45a0895283f2cb0fee596a753a05
Size

280KB
Sample

221204-qjnf9scb96
MD5

0c90de73cb1c3c5dc2d4df203bcfff07
SHA1

95c9e0f0fd19c20d26c56eb44245778fb3aee6f4
SHA256

e24703edbc71118dc2a21a1d145147cea8be45a0895283f2cb0fee596a753a05
SHA512

9b967357f1c08f909734fffb64bac25696a3762b0448a9bd5420f3057d4b5444fffd5ce47aa6eda288f57d4f52b52e0f99c9e86c1d1acfcec6b09d30cc8adebf
SSDEEP

6144:J3Bh+L4oAd4r3wi3R6JqJCAL4WsXz11PDhTAXBgoz:Jf+TAdQf49z6BgK

Score

8^/10

Malware Config

Targets

- Target
  
  e24703edbc71118dc2a21a1d145147cea8be45a0895283f2cb0fee596a753a05
- Size
  
  280KB
- MD5
  
  0c90de73cb1c3c5dc2d4df203bcfff07
- SHA1
  
  95c9e0f0fd19c20d26c56eb44245778fb3aee6f4
- SHA256
  
  e24703edbc71118dc2a21a1d145147cea8be45a0895283f2cb0fee596a753a05
- SHA512
  
  9b967357f1c08f909734fffb64bac25696a3762b0448a9bd5420f3057d4b5444fffd5ce47aa6eda288f57d4f52b52e0f99c9e86c1d1acfcec6b09d30cc8adebf
- SSDEEP
  
  6144:J3Bh+L4oAd4r3wi3R6JqJCAL4WsXz11PDhTAXBgoz:Jf+TAdQf49z6BgK
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2