d5c1c64135fad708c51d88ecc889a1b50404bfd3233f01a7b5f0d26b2c718b2e | Triage

Sharing

General

Target

PrimeSetup_1234_FullVersion_Active.rar
Size

12MB
Sample

221220-q9wwbshg49
MD5

b5cb89dea0e05b183cf67db7556e1443
SHA1

3eea38685441df24dd8b3eb26844133264541c7e
SHA256

d5c1c64135fad708c51d88ecc889a1b50404bfd3233f01a7b5f0d26b2c718b2e
SHA512

cb29a67bd1ef7dbe1f6a3ff497eec830a12da8c4a627f3cb9919a698db2a6fee00785f44d34e9404b52676377f006345b150407b87e44c9b3a65717e6d0edd66
SSDEEP

196608:mRLI33Q+BiAXEkLmJbZmc6T6a6o8gPsSbMeu4kk/JJhcDJ+depxgXpkAyG8RcEuD:my3tBiiER1ZP6OQPJf/Gsh22EuJF

Score

7^/10

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  837MB
- MD5
  
  bf6b5f2d76fb058e3e6a38cbdbdd22a5
- SHA1
  
  dfef116bd3994f05476040608d63fd8af19d09d7
- SHA256
  
  b2f86cda9f22b4adc43c5bb08dfc2625619ab487c5f172b35ce190ac6d8782a9
- SHA512
  
  c06b9dc975d707038efc2a88c45f629fa3944bc5b7ecf2d979e5f8db52e60b161f42e82de92c7ed80482acb90bac436eeda77407047efab943380de72d57e9f4
- SSDEEP
  
  12288:PO5wC1Qx3/FeGLO9g4afrfYF3pVIyZZ8tfX9D6V01lpnOrsPgi:25wslGLacfYF8yEtftGY/Or+h
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2