da7240d9ca40c2f125ff86b0d186d995de1eca6d647e31cfa885c8b963944a33 | Triage

Sharing

General

Target

c0343df25c6c956182e9ad6f5f696d5c
Size

21.6MB
Sample

240311-k3vrssgc7t
MD5

c0343df25c6c956182e9ad6f5f696d5c
SHA1

0d24ce8cb217886071cdb5e955318d146acc9c8b
SHA256

da7240d9ca40c2f125ff86b0d186d995de1eca6d647e31cfa885c8b963944a33
SHA512

9591bf549a3a0286350447abc7007ec1974d96f83e311de2362622d8832f59a7790652f046eee8b5fc78725bccb8eba93cf9df80fc2a520f710f2bb827503aca
SSDEEP

393216:EBqXoCjThvy3lfpRZJaXeKwgF1TlqDIJrn+BpoyMkcGRL7Tw1wzMAlC8yv:EBqTTY3/jcOKLF1wDQg+rkLn1zMAlCV

Score

7^/10

Malware Config

Targets

- Target
  
  c0343df25c6c956182e9ad6f5f696d5c
- Size
  
  21.6MB
- MD5
  
  c0343df25c6c956182e9ad6f5f696d5c
- SHA1
  
  0d24ce8cb217886071cdb5e955318d146acc9c8b
- SHA256
  
  da7240d9ca40c2f125ff86b0d186d995de1eca6d647e31cfa885c8b963944a33
- SHA512
  
  9591bf549a3a0286350447abc7007ec1974d96f83e311de2362622d8832f59a7790652f046eee8b5fc78725bccb8eba93cf9df80fc2a520f710f2bb827503aca
- SSDEEP
  
  393216:EBqXoCjThvy3lfpRZJaXeKwgF1TlqDIJrn+BpoyMkcGRL7Tw1wzMAlC8yv:EBqTTY3/jcOKLF1wDQg+rkLn1zMAlCV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2