8cf36bd7757e07a18a52811c0a952102dd346f0b4a8d3afee1e5df4c76045fb5 | Triage

Sharing

General

Target

6d42a1eae1c8b8304ff349d919381716.bin
Size

667KB
Sample

231118-cgpdwsha74
MD5

72d33e9844a0681923869166dc997f32
SHA1

2f5be55459e74fd60ff30a3fb6b9a73312529a52
SHA256

8cf36bd7757e07a18a52811c0a952102dd346f0b4a8d3afee1e5df4c76045fb5
SHA512

e94cf7c05f348a9840612aea69a414f3e423e82fd05595e2db004eaf3bdd60066631e80833132720075a918e4f207d5325a91dfb73df76f30aa973ced081cd4d
SSDEEP

12288:rxpkwr6jIFzmZZGk1jovpU2hl0h1l1eJxbl5wZQSiwx341Nlja+xJYwcMJHaxh5k:VrlzUZGejd2hsqlvTUx34xLdcy25k

Score

7^/10

Malware Config

Targets

- Target
  
  2fb8f2940043a26f22228fe74438848af86ba93356e4defcf3e6611bffed5aff.exe
- Size
  
  892KB
- MD5
  
  6d42a1eae1c8b8304ff349d919381716
- SHA1
  
  4b64dffa366e6d74d007ff9d286af3e8e47f437e
- SHA256
  
  2fb8f2940043a26f22228fe74438848af86ba93356e4defcf3e6611bffed5aff
- SHA512
  
  bbc6a106742af9dcb0afa7af4f7ca294f00ff99192059c0b2e4d5d8f87927f4b4c51f760751ff4124f10db4bd2791f15677700e859869ec8f1254657bb6a34a6
- SSDEEP
  
  24576:ZdsXUpExO0toph1PmEmZ4ZsNV2WzpqS6Nne:bpExO0tE5mZQsu2pE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2