0f246af8c883d5b929c422232d78a7adc5207b537d5fc5da042c21573afe2e1b | Triage

Sharing

General

Target

0f246af8c883d5b929c422232d78a7adc5207b537d5fc5da042c21573afe2e1b
Size

1.6MB
Sample

231115-cxtcsabh3v
MD5

d71ac5bef068853a381d3566cc4fdf8e
SHA1

af9db5a130d186e609e1f8cc96da5c5e5e546dbe
SHA256

0f246af8c883d5b929c422232d78a7adc5207b537d5fc5da042c21573afe2e1b
SHA512

b3831408f070777eab761e241d9c3784a2c0012b83c50758879fbddd01547a1b652928d31c3d44688ae7d76527e2e670d48819ba89a7f5c4cdd34ebbe4d39fa8
SSDEEP

49152:aZjqaxwt6H6A17SIEB03d5acjWRIwTtPsK:0jb6/2fac6R3TtP5

Score

7^/10

Malware Config

Targets

- Target
  
  0f246af8c883d5b929c422232d78a7adc5207b537d5fc5da042c21573afe2e1b
- Size
  
  1.6MB
- MD5
  
  d71ac5bef068853a381d3566cc4fdf8e
- SHA1
  
  af9db5a130d186e609e1f8cc96da5c5e5e546dbe
- SHA256
  
  0f246af8c883d5b929c422232d78a7adc5207b537d5fc5da042c21573afe2e1b
- SHA512
  
  b3831408f070777eab761e241d9c3784a2c0012b83c50758879fbddd01547a1b652928d31c3d44688ae7d76527e2e670d48819ba89a7f5c4cdd34ebbe4d39fa8
- SSDEEP
  
  49152:aZjqaxwt6H6A17SIEB03d5acjWRIwTtPsK:0jb6/2fac6R3TtP5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2