97b71483addc5c15bacbbb7c735f911294e9bc8c074a4e9418ac43269f986e00 | Triage

Resubmissions

20/06/2023, 23:22

230620-3crlkaeg49 7

18/06/2023, 23:57

230618-3zlntsbe31 7

16/06/2023, 12:42

230616-pxt1jaeg3t 7

15/06/2023, 12:54

230615-p5pqsahb5z 7

15/06/2023, 06:27

230615-g7thraeh5y 7

15/06/2023, 06:20

230615-g3t9gseh31 7

15/06/2023, 04:41

230615-fa82haef59 7

Sharing

Copy URL Twitter E-mail

General

Target

新しいプロジェクトのリクエスト.r11
Size

528KB
Sample

230618-3zlntsbe31
MD5

a2c242fa7e54af251ed7d9ab00c73dfa
SHA1

aa66a51c5c0001e322b9b266d33ac3844debeb70
SHA256

97b71483addc5c15bacbbb7c735f911294e9bc8c074a4e9418ac43269f986e00
SHA512

9248b69eeb70e65d5d9240ed0b75041a674dc8b668f2753a6477fb7fa27d67cfb4a1407993f758b4f14a2e88edf333797ee3e16a3d366f56e727addc76298190
SSDEEP

12288:Fg6L7PCzcsqIX1E1dG/+PJHvLqVWw3HPVcm87Gw:Fg6PPCzcsn1oGAPe8YvVcD73

Score

7^/10

Malware Config

Targets

- Target
  
  新しいプロジェクトのリクエスト.exe
- Size
  
  915KB
- MD5
  
  1d8a14663c67671a02af59df183eb3b1
- SHA1
  
  d0e861a2834ec3fddaeced55b0e1ab284ca97bfb
- SHA256
  
  c41c2cc0d308b9aaceab396fa08b130f9918965ff07bb9776428b6eea48b56af
- SHA512
  
  db4796ab703cbc902b1c0ebb1c9d3d2990e1792368486972ea61d012ce7a7d543d886ce20511da1457594fefcd129f48c5896e8037542e9e5a83f76b7be94492
- SSDEEP
  
  12288:Z+ds3q5sIsskRYgD3zsgvEhYDbd/fLONTF3A4Jwd:Z+dXz6jsgvEhkFeB3APd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2