f376333da15d7413ba3326ba5b734273678c9d1a7eead4c2bf42d67906954050 | Triage

Sharing

General

Target

WhatsApp-win8.exe
Size

2.8MB
Sample

241005-aq45laygna
MD5

f3c2d2f28ac966d1ce0f20dd39a6fa17
SHA1

dcf3b546a4e9a37ca98287cfa142bfab99f3975e
SHA256

f376333da15d7413ba3326ba5b734273678c9d1a7eead4c2bf42d67906954050
SHA512

771a68c5a58eadf0f234e4e787f01e50f39180d333dc2ae7d5ab9bfdfdfb4b93145bccf766a25cb9bf9c82a5ee44214cc02d5506237eac52f22dac3625d2bfef
SSDEEP

49152:4V9joZnbCvivTLM4tB5HfzhovA/nGFDll1+KAP7bCCB7VVgLz:Y9joZnbCa15VucQt+u4gLz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  WhatsApp-win8.exe
- Size
  
  2.8MB
- MD5
  
  f3c2d2f28ac966d1ce0f20dd39a6fa17
- SHA1
  
  dcf3b546a4e9a37ca98287cfa142bfab99f3975e
- SHA256
  
  f376333da15d7413ba3326ba5b734273678c9d1a7eead4c2bf42d67906954050
- SHA512
  
  771a68c5a58eadf0f234e4e787f01e50f39180d333dc2ae7d5ab9bfdfdfb4b93145bccf766a25cb9bf9c82a5ee44214cc02d5506237eac52f22dac3625d2bfef
- SSDEEP
  
  49152:4V9joZnbCvivTLM4tB5HfzhovA/nGFDll1+KAP7bCCB7VVgLz:Y9joZnbCa15VucQt+u4gLz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2