5c034cc3f93fcfe71dd6eb66ae101ec878c12ae4638eeb90774b5e0b9de86996 | Triage

Sharing

General

Target

NEW ORDER FOR JUNE SHIPMENT.rar
Size

699KB
Sample

230612-qyr31acd43
MD5

f2470d3b522a147bf0f3a9777cad94a4
SHA1

a69376fb9fcc081df0fec7ad2e07464af8431bd2
SHA256

5c034cc3f93fcfe71dd6eb66ae101ec878c12ae4638eeb90774b5e0b9de86996
SHA512

dcef2217c8d2899550e60eb02dbf760e679d76e4f253fcccf41cd563b2897f4419367104ae4c3312a5b0e42927a7cc89728044fb3c3d9ca31bc7a672bf81c810
SSDEEP

12288:bIL54zRNmxJ/AxToU70PCgEtWqNJSS/vlnk6vZIVjzv/eLAr/fT:3jkAxTos+AJSS/vlk6vZ6z3mC

Score

7^/10

Malware Config

Targets

- Target
  
  JUNE SOA SETTLEMENT.exe
- Size
  
  831KB
- MD5
  
  195e055770c84e42aad10c7521bb37ed
- SHA1
  
  6323f718a3244608c18cb612ad4edfe1f885575b
- SHA256
  
  14f43e2f2f8728688afc92f9ddf83ff96c8a16de8bb5aa43c420feff29b400d0
- SHA512
  
  34d3bdb29d674162e5ee8794929def0e8db82e8c9fccbbb7f2fa9a6b9f4282d86a1593702f81fea14044de8656b43fc0f630ddff7a17342635f96cce23d632c3
- SSDEEP
  
  12288:QdFr52iNoOe42KMu/N3mWhQmwmJCMpUfbfSj1x4OGmjErZSRylL9+P44/wkymcaq:gFd1mOV/NOaieb4OG5iyuPz/oaJc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2