9130166f2d4737c8180a9a15c853076206f57a67136938b2266c5083fbee4771 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DWM13.exe
Size

816KB
Sample

231014-snm3eahf99
MD5

abefd78b8ee8d86203e2729074564a13
SHA1

6cc943077b6ddeda8797947906fecce9d3a635a0
SHA256

9130166f2d4737c8180a9a15c853076206f57a67136938b2266c5083fbee4771
SHA512

77574868046e9d00a9bf7c8c0bed48f723d25662c1cb83d64c3e283d48de20656dd9b6661a5bba893df0461a275e39c7224710d2c9179274602db426a1d2e550
SSDEEP

24576:oknuU9+HdsAMvXtfuC56GhZLtZhCMFQgC:oknvhAMvsCJhZhZhRFQgC

Score

7^/10

Malware Config

Targets

- Target
  
  DWM13.exe
- Size
  
  816KB
- MD5
  
  abefd78b8ee8d86203e2729074564a13
- SHA1
  
  6cc943077b6ddeda8797947906fecce9d3a635a0
- SHA256
  
  9130166f2d4737c8180a9a15c853076206f57a67136938b2266c5083fbee4771
- SHA512
  
  77574868046e9d00a9bf7c8c0bed48f723d25662c1cb83d64c3e283d48de20656dd9b6661a5bba893df0461a275e39c7224710d2c9179274602db426a1d2e550
- SSDEEP
  
  24576:oknuU9+HdsAMvXtfuC56GhZLtZhCMFQgC:oknvhAMvsCJhZhZhRFQgC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2