50b808977b10d6f9069ae8d7690db10e4e3b42a074927170a3d6e9b0a081bec9 | Triage

Sharing

General

Target

WhatsApp-win8.exe
Size

2.8MB
Sample

241005-gg2fnsyelq
MD5

026b5dbcc944eecb53dcb47dcb2d11ec
SHA1

2a5aaa64fa68363a5dbd7473c5b53ad40fe75a2b
SHA256

50b808977b10d6f9069ae8d7690db10e4e3b42a074927170a3d6e9b0a081bec9
SHA512

d112b65dfd4816d433ae6f323af81ecd62f991144891731df284a6f9635b69277e5a5f355a2f805c52e126fcec2fd0bc420acc2b971e118a591fa200a1f003ba
SSDEEP

49152:TV9RnbCvivTLMtogtB5HfzhovA/nGFDll1+KAP7bCCB7VVgLg:x9RnbCa8o85VucQt+u4gLg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  WhatsApp-win8.exe
- Size
  
  2.8MB
- MD5
  
  026b5dbcc944eecb53dcb47dcb2d11ec
- SHA1
  
  2a5aaa64fa68363a5dbd7473c5b53ad40fe75a2b
- SHA256
  
  50b808977b10d6f9069ae8d7690db10e4e3b42a074927170a3d6e9b0a081bec9
- SHA512
  
  d112b65dfd4816d433ae6f323af81ecd62f991144891731df284a6f9635b69277e5a5f355a2f805c52e126fcec2fd0bc420acc2b971e118a591fa200a1f003ba
- SSDEEP
  
  49152:TV9RnbCvivTLMtogtB5HfzhovA/nGFDll1+KAP7bCCB7VVgLg:x9RnbCa8o85VucQt+u4gLg
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2