84b98954dbed9b7e46fa6740f3352352b1f7a0d2200b2f42c2e319b6bcb2c208 | Triage

Sharing

General

Target

84b98954dbed9b7e46fa6740f3352352b1f7a0d2200b2f42c2e319b6bcb2c208_JC.exe
Size

709KB
Sample

231012-tkf1cscf55
MD5

76ba7fb28158e797d55e24aba593fe06
SHA1

84e62cee00a56d0c1fe61fc5d6228217e28e977b
SHA256

84b98954dbed9b7e46fa6740f3352352b1f7a0d2200b2f42c2e319b6bcb2c208
SHA512

bc2c8efebc4ca224ed3b6afe2d83ae160e2913dddb0e0bb3e5721b6f92c290d52afecd8156500c2f68f143d33fc812b28f4f8d138fce5a6cae1c105f13849233
SSDEEP

12288:kfgjjtgafkabr/iCYmhdQn8qJoHqi7rWUFr6ExebY216Kf/w:kfgjjTfkabjiTCd0Jc37rWUFGyetPw

Score

7^/10

Malware Config

Targets

- Target
  
  84b98954dbed9b7e46fa6740f3352352b1f7a0d2200b2f42c2e319b6bcb2c208_JC.exe
- Size
  
  709KB
- MD5
  
  76ba7fb28158e797d55e24aba593fe06
- SHA1
  
  84e62cee00a56d0c1fe61fc5d6228217e28e977b
- SHA256
  
  84b98954dbed9b7e46fa6740f3352352b1f7a0d2200b2f42c2e319b6bcb2c208
- SHA512
  
  bc2c8efebc4ca224ed3b6afe2d83ae160e2913dddb0e0bb3e5721b6f92c290d52afecd8156500c2f68f143d33fc812b28f4f8d138fce5a6cae1c105f13849233
- SSDEEP
  
  12288:kfgjjtgafkabr/iCYmhdQn8qJoHqi7rWUFr6ExebY216Kf/w:kfgjjTfkabjiTCd0Jc37rWUFGyetPw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2