37067d525d2040ee7d7be8308eff29820ca32a98dfb4eccef02ecd2e6eb449b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Doc 30042024.exe
Size

700KB
Sample

240430-mg376aab51
MD5

906c05a0a8bfdee429158ddee0c83f0f
SHA1

51a6f04876623b6d0b5d51c7008719445ef2e4fa
SHA256

37067d525d2040ee7d7be8308eff29820ca32a98dfb4eccef02ecd2e6eb449b2
SHA512

1526c1e426a5f00a3916c493ac2faa1ec7553f3e77abc8ad4609b421e28a8bfe6c2e84f6b07803f34760f67f9acf9623ec3c17cebdeb7c5d3a2dda8136deba0d
SSDEEP

12288:IBmyADA/UpSnMjmSR+093uziocueWFm++mFUvTZL18YEFrK9gbzKs1XmZgI2jdIM:SRFm+pFq18PrdbzKNCdSSydS0

Score

7^/10

Malware Config

Targets

- Target
  
  Doc 30042024.exe
- Size
  
  700KB
- MD5
  
  906c05a0a8bfdee429158ddee0c83f0f
- SHA1
  
  51a6f04876623b6d0b5d51c7008719445ef2e4fa
- SHA256
  
  37067d525d2040ee7d7be8308eff29820ca32a98dfb4eccef02ecd2e6eb449b2
- SHA512
  
  1526c1e426a5f00a3916c493ac2faa1ec7553f3e77abc8ad4609b421e28a8bfe6c2e84f6b07803f34760f67f9acf9623ec3c17cebdeb7c5d3a2dda8136deba0d
- SSDEEP
  
  12288:IBmyADA/UpSnMjmSR+093uziocueWFm++mFUvTZL18YEFrK9gbzKs1XmZgI2jdIM:SRFm+pFq18PrdbzKNCdSSydS0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2