General

  • Target

    5a3cd39dd27e41d5e49fa80ecbf494b200eaba209d467fb1a692e76a78fa1db3

  • Size

    235KB

  • Sample

    220502-sp351sadfm

  • MD5

    d61bcc64989d25064830baea7eb788dd

  • SHA1

    09e2cc5a33e4130282bcb1d671467332756c7194

  • SHA256

    5a3cd39dd27e41d5e49fa80ecbf494b200eaba209d467fb1a692e76a78fa1db3

  • SHA512

    40591c21f6d3f85748dd676e0429fbebaeefc5c3962cc7d194896843823e47d5f9f5f0a1771d2da821a9d33bdcf41bd9ca8b8407282312d9819c94f6710ec6b2

Score
10/10

Targets

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
