74634a6d4ad2f0f89cfe2ab40daa8c8b3c7d903b1ce745bf8ad4fea8860ec412 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85c27234aa291cde56c1a78603d71081.bin
Size

574KB
Sample

231005-caj6laaa58
MD5

1817aa4cc42fc4de8b7b24b029a6cd6d
SHA1

d60aeb16888af7a4e38447c42eab44bca6a0bc1e
SHA256

74634a6d4ad2f0f89cfe2ab40daa8c8b3c7d903b1ce745bf8ad4fea8860ec412
SHA512

d25b3a760b3933dd443da809de066565cc33974ef6aee9dfce5e91b5d2dc4dc343488e6e6113a7e25867a1f1fea6ce1d0f7e19f6de40e5c5961709b3bccd0a20
SSDEEP

12288:1UvhgbMSz75U9sth8o3RB+WejAMmOMBItcefk2xpee+43V:1UvhgbFRYsth8o3abA/ypx

Score

7^/10

Malware Config

Targets

- Target
  
  467c52a90f7d13e15318cd8c68ccd3483f7de5c728d1137916b1f440aa1e10c9.exe
- Size
  
  663KB
- MD5
  
  85c27234aa291cde56c1a78603d71081
- SHA1
  
  2ff954f2f223fe6e9fe2e78ace13427f07a5e69c
- SHA256
  
  467c52a90f7d13e15318cd8c68ccd3483f7de5c728d1137916b1f440aa1e10c9
- SHA512
  
  6b265b84a817e8c0227776524e31e04281405a69413878ba89552dc5ef6f4d5db797e1e5f8637d91e35540184cedb89b353fd7345a6fd7cd068e138f27a7255b
- SSDEEP
  
  12288:uXiSAx5PWPQKpES7mmrcBzA5DpdwzV1PLR35XkYfdxTMcTIuIdY1Be:uX7Ax5uPdBcKpdwh1t3K+TT7IQe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2