c9df8ee8291e7b125f140eb2dbad2c9eecd45b58e3b85a1c38d01ffcf3218150 | Triage

Sharing

General

Target

c9df8ee8291e7b125f140eb2dbad2c9eecd45b58e3b85a1c38d01ffcf3218150.exe
Size

716KB
Sample

240213-fvx5qsfc56
MD5

95269aceffe9ce44698b97ae89f6909c
SHA1

e666771f265fbe6ffb19726def6dcb333ab8cf7e
SHA256

c9df8ee8291e7b125f140eb2dbad2c9eecd45b58e3b85a1c38d01ffcf3218150
SHA512

4bb88004d72c57fb0d27cd5dece1a02cd56fbaff968a1e3bf10b0f7a3bbf98afd0cb7171664d5cda28835d8f90a6d52cab70a335091fee5c49947dc6258d8f47
SSDEEP

12288:x4EzqHKMbNrpZ4ZQtsLWhI7xjuNFU9J4rjmmbC+nulxpUuVxpSRxD0DN7MTlMxov:xrz87bBH4pLyYuzMe2x+uxBpSRuN7MRT

Score

7^/10

Malware Config

Targets

- Target
  
  c9df8ee8291e7b125f140eb2dbad2c9eecd45b58e3b85a1c38d01ffcf3218150.exe
- Size
  
  716KB
- MD5
  
  95269aceffe9ce44698b97ae89f6909c
- SHA1
  
  e666771f265fbe6ffb19726def6dcb333ab8cf7e
- SHA256
  
  c9df8ee8291e7b125f140eb2dbad2c9eecd45b58e3b85a1c38d01ffcf3218150
- SHA512
  
  4bb88004d72c57fb0d27cd5dece1a02cd56fbaff968a1e3bf10b0f7a3bbf98afd0cb7171664d5cda28835d8f90a6d52cab70a335091fee5c49947dc6258d8f47
- SSDEEP
  
  12288:x4EzqHKMbNrpZ4ZQtsLWhI7xjuNFU9J4rjmmbC+nulxpUuVxpSRxD0DN7MTlMxov:xrz87bBH4pLyYuzMe2x+uxBpSRuN7MRT
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2