General

  • Target

    0b82ca638b53f0f06b5060b8a009167ec931f5cc6de457d0edc7b2ecee3b8650

  • Size

    235KB

  • Sample

    220503-zbad4scab8

  • MD5

    5bc39895848bb4c1c59f10e7d8213571

  • SHA1

    65a8f920044293d66617f4749d21d61b7d08c0eb

  • SHA256

    0b82ca638b53f0f06b5060b8a009167ec931f5cc6de457d0edc7b2ecee3b8650

  • SHA512

    6ea5b2fe5cfa7d4ed2507f9b802741c586106e56b508c02fc2413cb9476ebe8514a3b689a8cfa756517d9090ca055df2d148c4c9ca26689f1b82f97d979d7b98

Score
10/10

Targets

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

    • OnlyLogger Payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself
