General

  • Target

    27.FICH_33O3LcBJBPsZDE6v.zip

  • Size

    310KB

  • Sample

    220623-r866cagch3

  • MD5

    982582d0a8e8af228db9621147dd3c8c

  • SHA1

    3eacb43865475d56bdd1f8f98e37484ad2b1e2b4

  • SHA256

    f961ab990bb222718ec6602a854dd7395926f0813028799b7f367aec91382c57

  • SHA512

    889ab186dbb53a3867a6ce794204de62e23948cda27d93b068fb70824933cc6a32417d87833128096f104084c322fdcde8abd4dccf67341ebf53b2f35b502fa2

Score
8/10

Malware Config

Targets

    • Target

      27.FICH_33O3LcBJBPsZDE6v.vbs

    • Size

      7KB

    • MD5

      25926cb2b53f3be53b0999621d1f1ccf

    • SHA1

      9a073d7bd4b2f730f157f4612551504d16607256

    • SHA256

      665b376283df9d5e962860cc1d6cc2ec05157afff65d44b6d9ff64d8b6393941

    • SHA512

      8542f4c0815e8f161c4dc2151252454fc2dcc86da0a3160724f54d702d3ea99805be006d5bfdde65f68f3aba6556892d735515824a3fdf24f9de0dd05dc469bd

    Score
    8/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      _

    • Size

      325KB

    • MD5

      04704493bcdc4d0c1c9d0fd8ebf5afbc

    • SHA1

      95d64b037a8d0c5d8318a7c1429d89529ac5c766

    • SHA256

      28225c5622637cdaed8342e14560e8de7b53dd6ba145d973643fc4b5bdd67b75

    • SHA512

      ed06b9f7931326ff6923b65e95db45931b21995aa8b52eb26f578017e5b60bee7139251bc3fedc65fc7becb7e1d7d4dfdaa17361d01d8d36ebd770c9142c5c8d

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive data.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 2
    Install Root Certificate (T1130): 1

  • Credential Access

    Credentials in Files (T1081): 1

  • Discovery

    Query Registry (T1012): 1
    System Information Discovery (T1082): 3

  • Collection

    Data from Local System (T1005): 1
