896c0e46a1a369901e168b4d981d59dbd24a9b3b6b76ed9d0733c656c8af5344 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

896c0e46a1a369901e168b4d981d59dbd24a9b3b6b76ed9d0733c656c8af5344
Size

97KB
Sample

221207-bmek7sed3y
MD5

40092b3fe9e8c30c08f94395fe945b32
SHA1

2c6d0cab790508aa662a9525774a2d8f45f72881
SHA256

896c0e46a1a369901e168b4d981d59dbd24a9b3b6b76ed9d0733c656c8af5344
SHA512

eb11cf6f3c69aee7e579cd80ca334c6f2d11dd4499eebad5f6c5f42a1e44f51733c55f71bdb43fcdee026246aa41a694cf31826f1e2ed43d60c7cc83b8cc01e2
SSDEEP

3072:JMmJmcpPwhh1UUUUUUUUUUUUUUUUUUUUUUUUUUEt+B9F:JMmEP

Score

7^/10

Malware Config

Targets

- Target
  
  896c0e46a1a369901e168b4d981d59dbd24a9b3b6b76ed9d0733c656c8af5344
- Size
  
  97KB
- MD5
  
  40092b3fe9e8c30c08f94395fe945b32
- SHA1
  
  2c6d0cab790508aa662a9525774a2d8f45f72881
- SHA256
  
  896c0e46a1a369901e168b4d981d59dbd24a9b3b6b76ed9d0733c656c8af5344
- SHA512
  
  eb11cf6f3c69aee7e579cd80ca334c6f2d11dd4499eebad5f6c5f42a1e44f51733c55f71bdb43fcdee026246aa41a694cf31826f1e2ed43d60c7cc83b8cc01e2
- SSDEEP
  
  3072:JMmJmcpPwhh1UUUUUUUUUUUUUUUUUUUUUUUUUUEt+B9F:JMmEP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2