a835f1cb9f73ffc075ef9b8138c8807511eea8db22a1c0edc401b327a093efaa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SC621092Y.ISO.iso
Size

1.4MB
Sample

230612-kw59ysbb42
MD5

435f759bb374cd35f042efc48dd34e54
SHA1

85c00f525c839837cb9d079ec93bbfd608eccb03
SHA256

a835f1cb9f73ffc075ef9b8138c8807511eea8db22a1c0edc401b327a093efaa
SHA512

07c8e16f0485442c52b1475fc0a2b0105cdeb3f5bd89af2b161897d8b6c5f0a54b796ecfcd372b8272b66418be0857f960f8fb25c1fc54fc5e4b3c966d718659
SSDEEP

24576:LV1mOV/NOa0WXTRVYUtbS+D9+HX1uH5vzIz5Z:LVUOV/NOazfY8bZQHX1uH5vzIz7

Score

7^/10

Malware Config

Targets

- Target
  
  SC621092.EXE
- Size
  
  832KB
- MD5
  
  f8efcba2959be68aa3ac02e97e57462b
- SHA1
  
  12d63474867d4e3f8c9817931e033a7f88b31bd7
- SHA256
  
  9eee55870f96064bcff1483074720ac2f5b19da69ee94f72f04a6e8b8b1e8290
- SHA512
  
  d2d65a5e9f38822b2bb2fa482b1e870931ddca46cd57e423c2d7961e396b4f3c0c27aa86715168d787156165dd8966ef198ff68547f08a2883277f97397ca257
- SSDEEP
  
  24576:jV1mOV/NOa0WXTRVYUtbS+D9+HX1uH5vzIz5Z:jVUOV/NOazfY8bZQHX1uH5vzIz7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2