898d893d7c46d0c70d498f0323b24175c4d49df99b88f57d30aef08cb3e3edca | Triage

Sharing

General

Target

maxoysj4762.exe
Size

585KB
Sample

230417-m98ncafe3z
MD5

d6bf1f473ce21610f125492e27d1a4e4
SHA1

c51444cd94cbfb2f955f555feac4512ed7ef33d1
SHA256

898d893d7c46d0c70d498f0323b24175c4d49df99b88f57d30aef08cb3e3edca
SHA512

80bd6043c1db88b2c00225edfef7bc66f573421816c7b52f1a6478b09060dfd2b95994be549d11269f74b332c4cef8b79f9b430fb0da6ac21226b50ec1cc4b74
SSDEEP

12288:aHWHvZzn5JuHNKu0H4AMSpr7kIdhq8SKaGl7Cwu7k9QJ:a2Phn5otW4yZgmqjMZ6490

Score

7^/10

Malware Config

Targets

- Target
  
  maxoysj4762.exe
- Size
  
  585KB
- MD5
  
  d6bf1f473ce21610f125492e27d1a4e4
- SHA1
  
  c51444cd94cbfb2f955f555feac4512ed7ef33d1
- SHA256
  
  898d893d7c46d0c70d498f0323b24175c4d49df99b88f57d30aef08cb3e3edca
- SHA512
  
  80bd6043c1db88b2c00225edfef7bc66f573421816c7b52f1a6478b09060dfd2b95994be549d11269f74b332c4cef8b79f9b430fb0da6ac21226b50ec1cc4b74
- SSDEEP
  
  12288:aHWHvZzn5JuHNKu0H4AMSpr7kIdhq8SKaGl7Cwu7k9QJ:a2Phn5otW4yZgmqjMZ6490
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2