77194b668ce640225df0d876e991d58dc8c08e809474cd21abe5dc030857cb10 | Triage

Sharing

General

Target

13a237b2f7042de8f7585c54d2432b6c.exe
Size

871KB
Sample

230317-fkn43sec87
MD5

13a237b2f7042de8f7585c54d2432b6c
SHA1

a6803950285eb446fc57d9722507816731ec93f6
SHA256

77194b668ce640225df0d876e991d58dc8c08e809474cd21abe5dc030857cb10
SHA512

8a2f0d7b17d59b3d780fb1b870e9e0e624fdd45a13a67cee856b2587c5b744ea211331e982d83126843805fec96003d2b8f8c2364559dbf2c4eaee611ca4dd87
SSDEEP

12288:hzCmBMpjkjXyuaqPMQK4bUyicmpOwKgkf6QktWivF1HxjqQBxK9i/v8:pcjkj+eMYPivO5f5kWSjpqQBxJ0

Score

7^/10

Malware Config

Targets

- Target
  
  13a237b2f7042de8f7585c54d2432b6c.exe
- Size
  
  871KB
- MD5
  
  13a237b2f7042de8f7585c54d2432b6c
- SHA1
  
  a6803950285eb446fc57d9722507816731ec93f6
- SHA256
  
  77194b668ce640225df0d876e991d58dc8c08e809474cd21abe5dc030857cb10
- SHA512
  
  8a2f0d7b17d59b3d780fb1b870e9e0e624fdd45a13a67cee856b2587c5b744ea211331e982d83126843805fec96003d2b8f8c2364559dbf2c4eaee611ca4dd87
- SSDEEP
  
  12288:hzCmBMpjkjXyuaqPMQK4bUyicmpOwKgkf6QktWivF1HxjqQBxK9i/v8:pcjkj+eMYPivO5f5kWSjpqQBxJ0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2