5083040e11d9407319a5de1f69bd44eee7da007c2b3fc36fd9ef8e2caf5fc8cd | Triage

Sharing

General

Target

61e2c0eb8b87b2cff74eeb9d9ad3c8a91e792b3618d9bd57f96232b70337b7fb.zip
Size

234KB
Sample

231119-2dwq8sdb7w
MD5

1cd588bab51b02ca160f21fe16fcdaab
SHA1

faacd16f7b40ac78cfceb7c43f7a5c43f12f5865
SHA256

5083040e11d9407319a5de1f69bd44eee7da007c2b3fc36fd9ef8e2caf5fc8cd
SHA512

c95a39490d103fea5911c9999979f14e6a7dbfe4a4b463b446c3b501fd1c0bd5db91063cb6dc4c08a56b61a6e64098ac72abaea978f1261e378bc7331f0561eb
SSDEEP

6144:6XoNivWzsee3vCX/zafDCxmiK30am5aFQV:fEWA9vKkYU30kG

Score

7^/10

Malware Config

Targets

- Target
  
  61e2c0eb8b87b2cff74eeb9d9ad3c8a91e792b3618d9bd57f96232b70337b7fb.exe
- Size
  
  387KB
- MD5
  
  5d22fa34c376cb47f21dcbb36c806446
- SHA1
  
  d4fc0c29163d9798ec5dc9481a5e93f3e5462683
- SHA256
  
  61e2c0eb8b87b2cff74eeb9d9ad3c8a91e792b3618d9bd57f96232b70337b7fb
- SHA512
  
  5734965ae44fe7c82f8b8ff538ffd5a43fd5384a1de45571d9a20774ff0be1a5ee72f0cc784ae2278fa0ce623bdd6bc25ff77635f5c8ed36eedf0bcfc602f69f
- SSDEEP
  
  6144:5nALTWwzPIj4JwTW+wPBlOeLEe3whJVH:2TWwzPWCwLwPBNLRwH
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2