9ee3fcfcffc981d7cf0ff3909d0743b0fd4c73ff79a7d4e8a57aa01a886f11f0 | Triage

Sharing

General

Target

FullActive_setup_1234_New_Version.rar
Size

1MB
Sample

221220-q5fcsahf97
MD5

1b99c84f9169595f4f5202e271034445
SHA1

8ab165ab9e945328cc41d8b68dfe563aaa1f7d43
SHA256

9ee3fcfcffc981d7cf0ff3909d0743b0fd4c73ff79a7d4e8a57aa01a886f11f0
SHA512

0cc0332a52a7e1a0c2d8ce7d469ada2042a6a78b144247e5f8399160958f022ace57130b9ab10903bf7471427b54bfda805e81171442e39da73eccbd04e3080d
SSDEEP

24576:6vyODC2P0Q3Sv4blyHB9oLJAnoPbP8INlLjTTQDXLJVWc7j2+oi:gyMZ3Q4blyHGAnsbEs9TTQLl0y/oi

Score

7^/10

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  762MB
- MD5
  
  c0d7637078d5dfa01af93ab2dda9b426
- SHA1
  
  c092990822a34d403bbbc0a640a2672e7d3e17df
- SHA256
  
  77cf1211c5fbbac802da6f3acfabfcd83a94e8e0fef6f50f925ddcc7bee412db
- SHA512
  
  e4b7c06fa95bf0424234f2c65d3277a5d3d69bf16ccf33f4c29518ac611fc9509274c76186c513634bbd54261f7dfaed5a872ec4ea71a4f1860f2d118578b537
- SSDEEP
  
  12288:xqW6IJZ9XZIP6pkrpZYDNqmMGZUXBkMVPWgL19MZP1m2xSImSj:v6W7jG1tRfWqMZPHxSc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2