General
Target: MMMMMUTYYYtrhOmoE27QSJu3X.exe
Size: 796KB
Sample: 220203-jrk8jsecgn
MD5: acaf6ded35d9b26f5ad943f1cb9f7cae
SHA1: 989f2c4d4cca185d62a20e6db00a8451691118d1
SHA256: b070101a217e99f96198bed4917fe82d36f39bb227674e04ddded3faaa3eb289
SHA512: 99ce6c746e3a0f7175a7c5c77bb3c50a68ceca15a80f69162c759d40872653767a3f37b5f09eb4f7fea557d8a2847e1fd825cb6a31042afbec0fce30c340027a
Static task: static1
Behavioral task: behavioral1
Sample: MMMMMUTYYYtrhOmoE27QSJu3X.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: MMMMMUTYYYtrhOmoE27QSJu3X.exe
Resource: win10v2004-en-20220112
Malware Config
Extracted
matiex
Protocol: smtp
Host: serv3.devmexico.com
Port: 587
Username: [email protected]
Password: 3}l^pI#_4K_!
Email To: [email protected]
Targets
Target: MMMMMUTYYYtrhOmoE27QSJu3X.exe
Score: 10/10
- Matiex Main Payload
- Sets service image path in registry
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext