9799c14fa24be862ba2cc3aaba3014bd211f96c2a2b11134b7640edf752dbeb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

493f0383a996540e99a3cda3eccb328b5fc59b0a51598f80234f97451b9043a6.zip
Size

891KB
Sample

230321-rygspsbb56
MD5

2035725729c3011c8b026bec5152fb62
SHA1

4e02d6a005611fe6863a05b80e8e1eea417450b1
SHA256

9799c14fa24be862ba2cc3aaba3014bd211f96c2a2b11134b7640edf752dbeb0
SHA512

12737cfeb814735c32ff6360070b579f2f1ce9d73701d49ec6320bfb7ac59e7bb12d38d46e86c14a3c4087b77e18f1395c748802381fee0efb84de37633e4c38
SSDEEP

24576:ShDSdS0RwBdZqlCzTHkhsMmrQuPDx0dsM61B9ZRTPK0Qc:snhH1zyBmrQk01iBhblQc

Score

7^/10

Malware Config

Targets

- Target
  
  Shipment_notification.exe
- Size
  
  1.1MB
- MD5
  
  cb6e96983f423fde2ab5423d09b972ca
- SHA1
  
  6e9e2e979fd171f79e9fe0609d125dc859ba53c4
- SHA256
  
  35dc865c22873093d1417a28a5782b40e96ac3a890b51cb57dd89bedb23f1bfb
- SHA512
  
  5dd742208b0872be9a0c3fc2daef97080b1c7c71b68fe5848c6897a38a5f0254446187cc9fa06067253aa82dc7023979161178853743fb118ab95feac427c362
- SSDEEP
  
  24576:idz3MxbMR18gNkhuLBuwegJ3Z1UhlFe+uZfSpe9:m8A1rkhuNr93MnF8Zfce
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2