General

  • Target

    sample.exe

  • Size

    681KB

  • Sample

    230208-kk3ppahg79

  • MD5

    02d32289149e7f8e271d7a863cb30990

  • SHA1

    d07dbcdb61a88e7887efa1332c47eb15963013cb

  • SHA256

    608c05ae5120ee3ba36e1f105c4136e5d0cb4b6024b453bc8587a82458d30b71

  • SHA512

    73beae3ac4b99b1b39e997e96e5270cc12b8c9a86a261dbbb2bfdfba8bbe465506e24fac4f4a97604a00e08f60970b081544482d7e7edbfc5ebefc44b2fce83d

  • SSDEEP

    12288:rbJKteY6nXxNguWxxOE+eN2+ZMZi+ocWeh3ih9HXAf:PgR6nXxlWiE+eN2GGiRcBYTQf

Score
7/10

Targets

    • Target

      sample.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
