58dede0f191f15a0ffa4ce083f48efd029c5e8725ec012d0a47ffffdd9e0d39f | Triage

Sharing

General

Target

ba0ba30000c0b800b02f9cd2460cb65c
Size

33KB
Sample

240308-aprg4sbc2t
MD5

ba0ba30000c0b800b02f9cd2460cb65c
SHA1

cbcdb73b16033654796c624e8791817f3f041aad
SHA256

58dede0f191f15a0ffa4ce083f48efd029c5e8725ec012d0a47ffffdd9e0d39f
SHA512

c82628063dc481d0527ace8448f5145b0ccfa65280604919224011ef74ea372fd61c64ebb858507e5695fac9a987412e7fdcf35322c4cf26c8c35cfd7a067f50
SSDEEP

384:UYBZe77iR+clh81jAIrqPbllaaU92KZ7lrQ8/FRlDj0SkRIu+rZr0H1dy4SDRbt1:PBZe7e4Zmlla2KZJrQC4iuEqyNRpLeR

Score

7^/10

Malware Config

Targets

- Target
  
  ba0ba30000c0b800b02f9cd2460cb65c
- Size
  
  33KB
- MD5
  
  ba0ba30000c0b800b02f9cd2460cb65c
- SHA1
  
  cbcdb73b16033654796c624e8791817f3f041aad
- SHA256
  
  58dede0f191f15a0ffa4ce083f48efd029c5e8725ec012d0a47ffffdd9e0d39f
- SHA512
  
  c82628063dc481d0527ace8448f5145b0ccfa65280604919224011ef74ea372fd61c64ebb858507e5695fac9a987412e7fdcf35322c4cf26c8c35cfd7a067f50
- SSDEEP
  
  384:UYBZe77iR+clh81jAIrqPbllaaU92KZ7lrQ8/FRlDj0SkRIu+rZr0H1dy4SDRbt1:PBZe7e4Zmlla2KZJrQC4iuEqyNRpLeR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2