dd208244eb1a5fd616173f4dd0ed419bcfc360c5c3237eb0510b4f97fa22b72d | Triage

Sharing

General

Target

DHL6782282.exe
Size

757KB
Sample

230420-f1fgwafg55
MD5

57b4778fbb5d3dcb29ee57b459c4c0f0
SHA1

e8a5388bda35c0ea02de38c79751232d156177f6
SHA256

dd208244eb1a5fd616173f4dd0ed419bcfc360c5c3237eb0510b4f97fa22b72d
SHA512

1384581a13e46951905033eacfd6e1e67b24c9260534bece992f0ed7a802867f2e6b4aa3b41f760ecb29e4e16f18fc1410d6ff646f9b109a2eb20f25f9b41774
SSDEEP

12288:DDiv0S6EHMH91DzZBwuAXaVxpceJ4Sudqtvuf+kDk8iQdZ6xhraLH0DT:DlBEHMd1DtBOaTKUtvuGEpXLHWT

Score

7^/10

Malware Config

Targets

- Target
  
  DHL6782282.exe
- Size
  
  757KB
- MD5
  
  57b4778fbb5d3dcb29ee57b459c4c0f0
- SHA1
  
  e8a5388bda35c0ea02de38c79751232d156177f6
- SHA256
  
  dd208244eb1a5fd616173f4dd0ed419bcfc360c5c3237eb0510b4f97fa22b72d
- SHA512
  
  1384581a13e46951905033eacfd6e1e67b24c9260534bece992f0ed7a802867f2e6b4aa3b41f760ecb29e4e16f18fc1410d6ff646f9b109a2eb20f25f9b41774
- SSDEEP
  
  12288:DDiv0S6EHMH91DzZBwuAXaVxpceJ4Sudqtvuf+kDk8iQdZ6xhraLH0DT:DlBEHMd1DtBOaTKUtvuGEpXLHWT
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2