62a9a4a09e83bc1ba11bfd726f28324236ca3ec638c7cc46c39aff3ca8f2d9a2 | Triage

Resubmissions

17-03-2023 06:31

230317-g95zkaef24 7

12-03-2023 18:45

230312-xebp8sha2t 7

Sharing

General

Target

tmp
Size

4.3MB
Sample

230312-xebp8sha2t
MD5

36eed7c142e558ed187afea4f6c949c3
SHA1

907d03e167621f5685ad8aae482faebf9cffdd7b
SHA256

62a9a4a09e83bc1ba11bfd726f28324236ca3ec638c7cc46c39aff3ca8f2d9a2
SHA512

bf4916e9a532606e2520bbc24dea60ef496f84891974fcb1b3b469d23deae6563b6fb30291fd67ac3f18bcaea5e14680e195f9310550d0a8ce8b66d0cd448102
SSDEEP

98304:I6/sYnlE/5X3BsTpdKl1aDeL2QeLPb/K+EH/:4sWRHGe1GJVPTOH/

Score

7^/10

Malware Config

Targets

- Target
  
  tmp
- Size
  
  4.3MB
- MD5
  
  36eed7c142e558ed187afea4f6c949c3
- SHA1
  
  907d03e167621f5685ad8aae482faebf9cffdd7b
- SHA256
  
  62a9a4a09e83bc1ba11bfd726f28324236ca3ec638c7cc46c39aff3ca8f2d9a2
- SHA512
  
  bf4916e9a532606e2520bbc24dea60ef496f84891974fcb1b3b469d23deae6563b6fb30291fd67ac3f18bcaea5e14680e195f9310550d0a8ce8b66d0cd448102
- SSDEEP
  
  98304:I6/sYnlE/5X3BsTpdKl1aDeL2QeLPb/K+EH/:4sWRHGe1GJVPTOH/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2