General

  • Target

    475473f12c29b516bcdcae8b4f8ecb92cdbf4b0fd6a999a00736a3587402e451

  • Size

    256KB

  • Sample

    220502-sp4fsaadfn

  • MD5

    e9dbb462858d5f2bd4d802eb140a0e6c

  • SHA1

    457c87016296f7ce83f72494971a6c3af754c378

  • SHA256

    475473f12c29b516bcdcae8b4f8ecb92cdbf4b0fd6a999a00736a3587402e451

  • SHA512

    e71ecc47792aebdf1c73fa4c0aedfb34c04a70428048a65b8a4d5216a50d4169d3ed5f9b5a3898cd385c3629ef3c4751510b4d688d4d3585873c3a40656af836

Score
10/10

Targets

    Score
    10/10
    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
