e23c61fa4ef7e35270d2682f6da5fa067a3610507a3d631d67fcf060302a54dc | Triage

Sharing

General

Target

046753b5aa6691c61045ec71b8094677.exe
Size

739KB
Sample

230328-2splgadg52
MD5

046753b5aa6691c61045ec71b8094677
SHA1

8551d892ce75e35a1ebc2813da545857d2b523f9
SHA256

e23c61fa4ef7e35270d2682f6da5fa067a3610507a3d631d67fcf060302a54dc
SHA512

c9051920c6c7469b341ba30c23104ad6ac0009e31e30744922b4b6a7af5e634a525285b0cd8a828648beb2cf88eb8462feb06ec5eb4513fa78e0a223f45cb2b9
SSDEEP

12288:RQDc7YUSW3QDzJ80MRtOE/d9yfZ1+YAJ:g+QXJ80MRtOE/jq2Ym

Score

7^/10

Malware Config

Targets

- Target
  
  046753b5aa6691c61045ec71b8094677.exe
- Size
  
  739KB
- MD5
  
  046753b5aa6691c61045ec71b8094677
- SHA1
  
  8551d892ce75e35a1ebc2813da545857d2b523f9
- SHA256
  
  e23c61fa4ef7e35270d2682f6da5fa067a3610507a3d631d67fcf060302a54dc
- SHA512
  
  c9051920c6c7469b341ba30c23104ad6ac0009e31e30744922b4b6a7af5e634a525285b0cd8a828648beb2cf88eb8462feb06ec5eb4513fa78e0a223f45cb2b9
- SSDEEP
  
  12288:RQDc7YUSW3QDzJ80MRtOE/d9yfZ1+YAJ:g+QXJ80MRtOE/jq2Ym
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2