General

  • Target

    FullActive_setup_1234_New_Version.rar

  • Size

    1MB

  • Sample

    221220-q5fcsahf97

  • MD5

    1b99c84f9169595f4f5202e271034445

  • SHA1

    8ab165ab9e945328cc41d8b68dfe563aaa1f7d43

  • SHA256

    9ee3fcfcffc981d7cf0ff3909d0743b0fd4c73ff79a7d4e8a57aa01a886f11f0

  • SHA512

    0cc0332a52a7e1a0c2d8ce7d469ada2042a6a78b144247e5f8399160958f022ace57130b9ab10903bf7471427b54bfda805e81171442e39da73eccbd04e3080d

  • SSDEEP

    24576:6vyODC2P0Q3Sv4blyHB9oLJAnoPbP8INlLjTTQDXLJVWc7j2+oi:gyMZ3Q4blyHGAnsbEs9TTQLl0y/oi

Score
7/10

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      762MB

    • MD5

      c0d7637078d5dfa01af93ab2dda9b426

    • SHA1

      c092990822a34d403bbbc0a640a2672e7d3e17df

    • SHA256

      77cf1211c5fbbac802da6f3acfabfcd83a94e8e0fef6f50f925ddcc7bee412db

    • SHA512

      e4b7c06fa95bf0424234f2c65d3277a5d3d69bf16ccf33f4c29518ac611fc9509274c76186c513634bbd54261f7dfaed5a872ec4ea71a4f1860f2d118578b537

    • SSDEEP

      12288:xqW6IJZ9XZIP6pkrpZYDNqmMGZUXBkMVPWgL19MZP1m2xSImSj:v6W7jG1tRfWqMZPHxSc

    Score
    7/10

    Signatures

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation