f2546dc68e6d970b444ad11b6fb5dbc400e37a053ab05c0f7491e86c46801fcf | Triage

Sharing

General

Target

f2546dc68e6d970b444ad11b6fb5dbc400e37a053ab05c0f7491e86c46801fcf
Size

23KB
Sample

221206-c1zzqsca7y
MD5

de5a17005b96f2546c29f0e30ed9eda5
SHA1

822b10ec76a86d3dec471d68334a178e8f94bd27
SHA256

f2546dc68e6d970b444ad11b6fb5dbc400e37a053ab05c0f7491e86c46801fcf
SHA512

527ff1f8f384b17c11a03f28505d482bee062bca019b6f93b0654adf4ada0ab446ae8ea1cb105aea2f1832f85a7f9294004c91b9f633ed2df3350bb816fb5788
SSDEEP

384:GHV8zT/C9tAEeKyXqVRzBFFFCmpRFEA9KBx0aSGPZJX6gyHF8FFFKSIrd9Vb0nl7:mCmWfeRCmJEA9KBx0aSGX6gyBd9VbvbC

Score

7^/10

Malware Config

Targets

- Target
  
  f2546dc68e6d970b444ad11b6fb5dbc400e37a053ab05c0f7491e86c46801fcf
- Size
  
  23KB
- MD5
  
  de5a17005b96f2546c29f0e30ed9eda5
- SHA1
  
  822b10ec76a86d3dec471d68334a178e8f94bd27
- SHA256
  
  f2546dc68e6d970b444ad11b6fb5dbc400e37a053ab05c0f7491e86c46801fcf
- SHA512
  
  527ff1f8f384b17c11a03f28505d482bee062bca019b6f93b0654adf4ada0ab446ae8ea1cb105aea2f1832f85a7f9294004c91b9f633ed2df3350bb816fb5788
- SSDEEP
  
  384:GHV8zT/C9tAEeKyXqVRzBFFFCmpRFEA9KBx0aSGPZJX6gyHF8FFFKSIrd9Vb0nl7:mCmWfeRCmJEA9KBx0aSGX6gyBd9VbvbC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Program crash
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2