bf88b3a1acb621350872d76db89bd9de3ecb5bd1cbc3da58405a953a431142fd | Triage

Sharing

General

Target

9d955290bc69089a22c5d55bb56b5bb4.bin
Size

813KB
Sample

231119-c1x55sge58
MD5

bf7240215833695493a4670d71de1142
SHA1

71a4abc32a5e56d1c774055def89883f91771c65
SHA256

bf88b3a1acb621350872d76db89bd9de3ecb5bd1cbc3da58405a953a431142fd
SHA512

6c124179f901b14ad575245d3517dd0663565f667378335f1b8621d3c509a5632b0d57148db18f047f0a4dd5279a6428368386c76b4c1be653758e935a34d8ac
SSDEEP

24576:BKLndAn6i/6WWVub+XCaYF496sswkBgcMr6HAt:EdA6i/6WWVuiy/O6wYe

Score

7^/10

Malware Config

Targets

- Target
  
  adfc9e2a5a95ac5f6cc3f3f8d5438d13239bae44ff379fe89d2ecaed8f5557fa.exe
- Size
  
  1.1MB
- MD5
  
  9d955290bc69089a22c5d55bb56b5bb4
- SHA1
  
  230d3ac3f111cde0f71a3002631f51db64afcca8
- SHA256
  
  adfc9e2a5a95ac5f6cc3f3f8d5438d13239bae44ff379fe89d2ecaed8f5557fa
- SHA512
  
  cf928bcee2d4674493f7b6272a696b216ebdbef2223691427cea89386175342e11f7a5f335174a9165b9095af0246074bbec8a185bb7840058a710263375f7c5
- SSDEEP
  
  24576:aiJgghC4ptbDUqgAsfB3mmOk4K4YPMgNRzNBsmC7:JOgAWbvgAsMmehYPB1B/C
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2