ca03561b59f1ba61afadfb577241e8c4f6ba56c7912ea62b6db9fb32a52b36bb | Triage

Sharing

General

Target

ca03561b59f1ba61afadfb577241e8c4f6ba56c7912ea62b6db9fb32a52b36bb
Size

1.4MB
Sample

230210-lp7d4sgd4s
MD5

939d6f6dd06eb826b27eda72f2ebe9c2
SHA1

2ca7b12d8473867b6667a463aec7588a41ef9803
SHA256

ca03561b59f1ba61afadfb577241e8c4f6ba56c7912ea62b6db9fb32a52b36bb
SHA512

c233dc59a41b1bec43b854d4f880efb3db4c0eeb0c5561b59a8a5e268824cc1a0e9f0dc5f4e98ef630606b2929c6784c97fbe79ac15cc5a6986f36beb2091201
SSDEEP

24576:O6/ZjTQHEFtxd/UdKir+X4vBrgQKf+VtHCi6uOUteZk:xy0Q81YtH1/e

Score

7^/10

Malware Config

Targets

- Target
  
  ca03561b59f1ba61afadfb577241e8c4f6ba56c7912ea62b6db9fb32a52b36bb
- Size
  
  1.4MB
- MD5
  
  939d6f6dd06eb826b27eda72f2ebe9c2
- SHA1
  
  2ca7b12d8473867b6667a463aec7588a41ef9803
- SHA256
  
  ca03561b59f1ba61afadfb577241e8c4f6ba56c7912ea62b6db9fb32a52b36bb
- SHA512
  
  c233dc59a41b1bec43b854d4f880efb3db4c0eeb0c5561b59a8a5e268824cc1a0e9f0dc5f4e98ef630606b2929c6784c97fbe79ac15cc5a6986f36beb2091201
- SSDEEP
  
  24576:O6/ZjTQHEFtxd/UdKir+X4vBrgQKf+VtHCi6uOUteZk:xy0Q81YtH1/e
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2