c6674b038c3dd0485deb322f781a4148dee4e942ef41bececba162867dbcea44 | Triage

Sharing

General

Target

PO203-09024.exe
Size

335KB
Sample

231011-yz12asag3x
MD5

39d7d490c18d1a8b5a02a08e9947c452
SHA1

2d643d0279944d6c0e1c7d563de2272745e226f1
SHA256

c6674b038c3dd0485deb322f781a4148dee4e942ef41bececba162867dbcea44
SHA512

a33ed07304863aab057ab8cd887561257926326c0f6184add4de7c3cba7a85b831445a58e3da16e936a5a696483b4c889ad02c655068135a9b8a172afde9f7ff
SSDEEP

6144:vYa6W9pNWihNRNoIkGNRlKg0xT9bXuP0KOWumAhWzrjJp+IQ01dU:vYEBWMNtLlKgAT9besKO8HjDQ01a

Score

7^/10

Malware Config

Targets

- Target
  
  PO203-09024.exe
- Size
  
  335KB
- MD5
  
  39d7d490c18d1a8b5a02a08e9947c452
- SHA1
  
  2d643d0279944d6c0e1c7d563de2272745e226f1
- SHA256
  
  c6674b038c3dd0485deb322f781a4148dee4e942ef41bececba162867dbcea44
- SHA512
  
  a33ed07304863aab057ab8cd887561257926326c0f6184add4de7c3cba7a85b831445a58e3da16e936a5a696483b4c889ad02c655068135a9b8a172afde9f7ff
- SSDEEP
  
  6144:vYa6W9pNWihNRNoIkGNRlKg0xT9bXuP0KOWumAhWzrjJp+IQ01dU:vYEBWMNtLlKgAT9besKO8HjDQ01a
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2