6088e5794bbad98ae26121ec1c195a03b0b575e602a4a2bc2c8e299647186abd | Triage

Sharing

General

Target

Potwierdzenie realizacji transakcji 65634634000000035322023.exe
Size

252KB
Sample

230505-l1nfdahc94
MD5

23a82cbc33424965b0c9143ba70f0647
SHA1

1c8cb5ed110f0b0de399d98b1da7f0119e774409
SHA256

6088e5794bbad98ae26121ec1c195a03b0b575e602a4a2bc2c8e299647186abd
SHA512

d199cecf6cfc198207af18ce548658f407691e58cfde51e36686d6d3adb2d182207e1c1c7a0e8c73f6c251ad8b56ae07616e9aacaac99c65dfbbde08375a89fd
SSDEEP

6144:vYa6vF4gxGKPhYhrtQyzGj0MFqr5+nMQl/FJzMCt:vYdF3lZettqj0T+MQlp

Score

7^/10

Malware Config

Targets

- Target
  
  Potwierdzenie realizacji transakcji 65634634000000035322023.exe
- Size
  
  252KB
- MD5
  
  23a82cbc33424965b0c9143ba70f0647
- SHA1
  
  1c8cb5ed110f0b0de399d98b1da7f0119e774409
- SHA256
  
  6088e5794bbad98ae26121ec1c195a03b0b575e602a4a2bc2c8e299647186abd
- SHA512
  
  d199cecf6cfc198207af18ce548658f407691e58cfde51e36686d6d3adb2d182207e1c1c7a0e8c73f6c251ad8b56ae07616e9aacaac99c65dfbbde08375a89fd
- SSDEEP
  
  6144:vYa6vF4gxGKPhYhrtQyzGj0MFqr5+nMQl/FJzMCt:vYdF3lZettqj0T+MQlp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2