2165a0d28ca7da9dcccd1890b7fae09037b23090c16d7e6877de89667e7aa27b | Triage

Sharing

General

Target

2165a0d28ca7da9dcccd1890b7fae09037b23090c16d7e6877de89667e7aa27b.exe
Size

698KB
Sample

240213-cwyk4sae5s
MD5

c4739b56271d3d99ff7449053f997e76
SHA1

578cb65ac1f0660c06a61b2be36f3f60d5b0ae98
SHA256

2165a0d28ca7da9dcccd1890b7fae09037b23090c16d7e6877de89667e7aa27b
SHA512

7e6a0934b695b66df33a21aff9d58768336ea3a6300ba55bb1b6424ea0912a3aeb1e20b3f03fb989eadee3dfd6ebcb9df85f6b69dd0c3db518c23e82a380caec
SSDEEP

12288:oaEzqHKMbNqM8hu6Vw6xPgxb453SHmYrn1HnfFokjg1YG4s/QdMqZlWZYsYb9JVz:oxz87bfB/DtxGYhfFo+G4suJDWZYsyVt

Score

7^/10

Malware Config

Targets

- Target
  
  2165a0d28ca7da9dcccd1890b7fae09037b23090c16d7e6877de89667e7aa27b.exe
- Size
  
  698KB
- MD5
  
  c4739b56271d3d99ff7449053f997e76
- SHA1
  
  578cb65ac1f0660c06a61b2be36f3f60d5b0ae98
- SHA256
  
  2165a0d28ca7da9dcccd1890b7fae09037b23090c16d7e6877de89667e7aa27b
- SHA512
  
  7e6a0934b695b66df33a21aff9d58768336ea3a6300ba55bb1b6424ea0912a3aeb1e20b3f03fb989eadee3dfd6ebcb9df85f6b69dd0c3db518c23e82a380caec
- SSDEEP
  
  12288:oaEzqHKMbNqM8hu6Vw6xPgxb453SHmYrn1HnfFokjg1YG4s/QdMqZlWZYsYb9JVz:oxz87bfB/DtxGYhfFo+G4suJDWZYsyVt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2