2042bdcc5e440b757cd0597bb185d6cde9659b0f7950809acf448a27db3e7b6f | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.PWSX-gen.25299.23241
Size

1008KB
Sample

240212-qrakdagd29
MD5

997ea9f1ccc67db15ec3a551f932bd25
SHA1

4bb20cd3579475c5d43866854b81b5bea6352fc8
SHA256

2042bdcc5e440b757cd0597bb185d6cde9659b0f7950809acf448a27db3e7b6f
SHA512

4254726491717eefc4a8874d75a6e7fd0f034cebc83c61e4ea11f767c69ad312083cf160a6f5743346b8d227049a424d1f018be85776cd3c7eb10c0aac91c73f
SSDEEP

24576:UXn8krIG6w+Fwdw1BCNs5pDhfz87brh8p:o8mLMwm1BCNGVfz87h

Score

7^/10

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Win32.PWSX-gen.25299.23241
- Size
  
  1008KB
- MD5
  
  997ea9f1ccc67db15ec3a551f932bd25
- SHA1
  
  4bb20cd3579475c5d43866854b81b5bea6352fc8
- SHA256
  
  2042bdcc5e440b757cd0597bb185d6cde9659b0f7950809acf448a27db3e7b6f
- SHA512
  
  4254726491717eefc4a8874d75a6e7fd0f034cebc83c61e4ea11f767c69ad312083cf160a6f5743346b8d227049a424d1f018be85776cd3c7eb10c0aac91c73f
- SSDEEP
  
  24576:UXn8krIG6w+Fwdw1BCNs5pDhfz87brh8p:o8mLMwm1BCNGVfz87h
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2