General

  • Target

    0cb9f4401a10462146b0eff58ba1edf37192991f24984bccf1bd9ea8931c24c5

  • Size

    432KB

  • Sample

    220328-1wnmxafga4

  • MD5

    55934416d0404f65c616ed7ee4849050

  • SHA1

    bf50830a234c18661f12be47b6dd89b82c927ded

  • SHA256

    0cb9f4401a10462146b0eff58ba1edf37192991f24984bccf1bd9ea8931c24c5

  • SHA512

    ea4000da96c5c9ff86c197ece89c727b53bfc9c8ded468abb0c8d895fb91d1746a9a668739e7caa434d44f4e424cd2df6855b09d0ec583015181c095fa930881

Score
10/10

Targets

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
