Resubmissions

07/01/2024, 18:07 UTC

240107-wqg6qabfcl 10

16/01/2022, 12:55 UTC

220116-p5sgnsfdf9 10

General

  • Target

    57620fe23fe46b9b50f5ec40bdc6b8fa.exe

  • Size

    419KB

  • Sample

    220116-p5sgnsfdf9

  • MD5

    57620fe23fe46b9b50f5ec40bdc6b8fa

  • SHA1

    fe38a4e6d66ad1cc621ea39e3d344d1fcd6227d2

  • SHA256

    d1a299c8b89530ee091ceeb89c172bdd9317816825b68926b0e368714e74d27f

  • SHA512

    671cd11456cc62533acfd62693db39488aa8964db4f4b4729ec1305b8b5550798bd1eae4107957eb5bc1b29d6023c8f28b0f33ccaf21a2b7169e5bf49125f1a3

Score
10/10

Malware Config

Targets

    • Target

      57620fe23fe46b9b50f5ec40bdc6b8fa.exe

    Score
    10/10
    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
