General

  • Target

    8db948acb7aef5429f47245a8f9f6996a5a2c3ba075d58016935d9841ee7e0d7

  • Size

    434KB

  • Sample

    220330-vbcf9aafap

  • MD5

    60ee7b23d6b381462de19ec64bd98407

  • SHA1

    d4663252d71ee0b862fdbe8551cb9da9456321e0

  • SHA256

    8db948acb7aef5429f47245a8f9f6996a5a2c3ba075d58016935d9841ee7e0d7

  • SHA512

    f38861e93d9bfd5ea1b6d9c1e55e37396f47ef889fb0219f42d40d24b6eeec1262f1f15e8d71811ea3157bc96777628f30f576f004c71cf0a773a5a16d5777a1

Score
10/10

Targets

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
