General
-
Target
3f3a8442b3a36cf557f9535d67c11a1040392df889587b2f6341d682b4cb47dd
-
Size
252KB
-
Sample
220308-x58gwsdhcm
-
MD5
2fdcd6f63014c05331365fe96538c010
-
SHA1
107473be86d052f460685f9e5879aed530433b5b
-
SHA256
3f3a8442b3a36cf557f9535d67c11a1040392df889587b2f6341d682b4cb47dd
-
SHA512
da553a61ca0e9cc877941c22652f0ae4917c05e4b0f699e4518dfd60b139e06a17747cfb26dce67685d41f5164d49eedae63e94c310444ce7a24b3783b5283f5
Static task
static1
Behavioral task
behavioral1
Sample
3f3a8442b3a36cf557f9535d67c11a1040392df889587b2f6341d682b4cb47dd.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
3f3a8442b3a36cf557f9535d67c11a1040392df889587b2f6341d682b4cb47dd.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
matiex
Protocol: smtp
Host: pro02.emailserver.vn
Port: 587
Username: [email protected]
Password: lv123456
Email To: [email protected]
Targets
-
-
Target
3f3a8442b3a36cf557f9535d67c11a1040392df889587b2f6341d682b4cb47dd
-
Score
10/10
-
Matiex Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-