539ef744066a46293e1ffa3ecc5015be6c2c7d622d176b18916f06b365597e46 | Triage

Resubmissions

15/05/2023, 08:56

230515-kv1yvahh6x 8

26/04/2022, 12:32

220426-pq1jqsgcgn 8

Sharing

Copy URL Twitter E-mail

General

Target

Archive.zip
Size

1.8MB
Sample

220426-pq1jqsgcgn
MD5

13aaa52cab1cfaf44812756de9e7f89b
SHA1

7f2387c6a4009c7cd179459347f9bd2cda1a22ed
SHA256

539ef744066a46293e1ffa3ecc5015be6c2c7d622d176b18916f06b365597e46
SHA512

b5a0700026980dbe7bfbcc809af79ff57339e89605cb7cb9884466ec83c5e74ca42637b0a516c902cb93c2b3fff02d60c8f3db3d34eccfed78d51e18c0248451

Score

8^/10

Malware Config

Targets

- Target
  
  Kang Min-chol Edits 2.doc
- Size
  
  525KB
- MD5
  
  3f209fa947acfa93d67d40de9fa32fb2
- SHA1
  
  68c3974f4e089736e4263e4368daa53e419471bc
- SHA256
  
  94ca32c0a3002574d7ea1bef094146a9d3b2ad0018b3e3d3f4ffca8689b89e5a
- SHA512
  
  0b30c69ed47817e8c6890b5d83011020fbc919b9fb52de116c4920b84cfa2c667e855ca30afc78e99ecc1ad4990cc681d05c7c933c0c91489932b03d62d23ca8
Score

4^/10
behavioral1 behavioral2
- Target
  
  Kang Min-chol Edits 2.lnk
- Size
  
  269.6MB
- MD5
  
  99fb399c9b121ef6e60e9bdff8b324b2
- SHA1
  
  ea0609fbf3bf0cfb2acea989126d8caafe5350ec
- SHA256
  
  120ca851663ef0ebef585d716c9e2ba67bd4870865160fec3b853156be1159c5
- SHA512
  
  5f44ea1d7ad196c9f54371f7a176da2a0be0499b4acac3f2ac3bd99a517f045e086ae066d2fa7239f23ece2ea2cf115c2ecd8bdc973200fea78b6f0ca39c3a6f
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  Kang Min-chol Edits 2.zip
- Size
  
  486KB
- MD5
  
  4c6c0e2a41ac67e68a9393265ff50e6e
- SHA1
  
  b2c728072afc3007f711d7264da31698008a2409
- SHA256
  
  9eddd99db6f5a7791f7e446792f04b301d29f6b0596920e8b39647cc7585185d
- SHA512
  
  b4ba5b4281f5b87e0aa8d9b63373573246cb42b27ea2a7d523357044d08ec5d8bc41210e435924288292aa741b19c72219fc5fb195f32708893ea3c9c1986cd5
Score

1^/10
behavioral5 behavioral6
- Target
  
  backdoor.exe
- Size
  
  1.1MB
- MD5
  
  8a7ed15dfd5e385b3913129c372cc026
- SHA1
  
  ff172a51c13c1a3be7f2c8b1e9352492e2ee01d6
- SHA256
  
  485246b411ef5ea9e903397a5490d106946a8323aaf79e6041bdf94763a0c028
- SHA512
  
  9f8621babba1917e4907d563f068a39c9db64f908e9e6083a9c8520558090117fdc6159e5af38f44524bdc2eecf4d4e6b9e2bba3053e190322aee18642ffd9a4
Score

1^/10
behavioral7 behavioral8
- Target
  
  fantasy
- Size
  
  1.0MB
- MD5
  
  623184d97e56795f1f17d18428ece423
- SHA1
  
  ee5692d4cfc37da0e9671b18b6cda67044afd11f
- SHA256
  
  45ece107409194f5f1ec2fbd902d041f055a914e664f8ed2aa1f90e223339039
- SHA512
  
  5d11402bbaf0b5307763be3b8a62af41bfd0cb0bf60ec9743c9fdf4ec9a2ec6a405129941d92a9b2b25c68cd3f74fe7ba0562e3dd7a92e6808c637a839ef061d
Score

1^/10
behavioral9 behavioral10

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10