cd5a52176f5c81de1b971e02ad0744375125d41ee626d40804a235588d099441 | Triage

Sharing

General

Target

cd5a52176f5c81de1b971e02ad0744375125d41ee626d40804a235588d099441
Size

6.9MB
Sample

240524-hhs2csgg9y
MD5

120d23a3e154eb643eff9ca4617941d7
SHA1

f3f6b7a0510b146b16521fa2ea4ddaf81302c136
SHA256

cd5a52176f5c81de1b971e02ad0744375125d41ee626d40804a235588d099441
SHA512

0b80dc7effa92d0af6dd79f9ce577d5d458c7cbfa7fcd2990f5c746f64795d070625e9c335726e6f08b8e3a0e0601e7a82d9db5e4476c5e4b34f6a632795e9d9
SSDEEP

196608:2xLe/IYmnsr9IYgcKFWAUv/bG98CyImPmiHu:oq/dmfY2rUE8CS

Score

7^/10

Malware Config

Targets

- Target
  
  cd5a52176f5c81de1b971e02ad0744375125d41ee626d40804a235588d099441
- Size
  
  6.9MB
- MD5
  
  120d23a3e154eb643eff9ca4617941d7
- SHA1
  
  f3f6b7a0510b146b16521fa2ea4ddaf81302c136
- SHA256
  
  cd5a52176f5c81de1b971e02ad0744375125d41ee626d40804a235588d099441
- SHA512
  
  0b80dc7effa92d0af6dd79f9ce577d5d458c7cbfa7fcd2990f5c746f64795d070625e9c335726e6f08b8e3a0e0601e7a82d9db5e4476c5e4b34f6a632795e9d9
- SSDEEP
  
  196608:2xLe/IYmnsr9IYgcKFWAUv/bG98CyImPmiHu:oq/dmfY2rUE8CS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2