8bffa6a095bb8ceac0076cd2b6e070fbadf872c677159b663efbac547ccf75c5 | Triage

Sharing

General

Target

09df7f3b9012bdec32b853168e0cbe41
Size

141KB
Sample

231225-gpm81sbhd2
MD5

09df7f3b9012bdec32b853168e0cbe41
SHA1

328045c67ea4940a7d2469143d0c4806bcc4acdc
SHA256

8bffa6a095bb8ceac0076cd2b6e070fbadf872c677159b663efbac547ccf75c5
SHA512

7272da69089764f3a4916db9737fc9c0b198309ae579fe3e63d2197708f4583b706715d7b3c69db7d87228ace7284a1759de482755453c844bf90ff90b0d1562
SSDEEP

1536:AyiXzsjsuaQoEKBeJLJAPoKOgtWXdN/eOOAJf1j1/leSajcrFo9dSUAvWZ6NnUe0:AyiI4roCoKjCN/e9GDtujcZoGdnUe0B

Score

7^/10

Malware Config

Targets

- Target
  
  09df7f3b9012bdec32b853168e0cbe41
- Size
  
  141KB
- MD5
  
  09df7f3b9012bdec32b853168e0cbe41
- SHA1
  
  328045c67ea4940a7d2469143d0c4806bcc4acdc
- SHA256
  
  8bffa6a095bb8ceac0076cd2b6e070fbadf872c677159b663efbac547ccf75c5
- SHA512
  
  7272da69089764f3a4916db9737fc9c0b198309ae579fe3e63d2197708f4583b706715d7b3c69db7d87228ace7284a1759de482755453c844bf90ff90b0d1562
- SSDEEP
  
  1536:AyiXzsjsuaQoEKBeJLJAPoKOgtWXdN/eOOAJf1j1/leSajcrFo9dSUAvWZ6NnUe0:AyiI4roCoKjCN/e9GDtujcZoGdnUe0B
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2