Overview

overview

10

Static

static

45cf856f06...3b.exe

windows7_x64

10

45cf856f06...3b.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45cf856f06e0fa7ff0bf65c620d29b2ad7125efeaf9f0ef2dbd71eca7fb5683b

  • Size

    434KB

  • Sample

    220707-mtsxysfff9

  • MD5

    bd9c163f9a299b73f0ba445823d2377e

  • SHA1

    66789c2eeec3524beec9ca434d93dbc9fba1ceaf

  • SHA256

    45cf856f06e0fa7ff0bf65c620d29b2ad7125efeaf9f0ef2dbd71eca7fb5683b

  • SHA512

    51f6740a9e84d5de9963ef6cfb2f0e77a23847df9930484e9924104531ffadcc0aa08053faa24bfbefff16f97a299811e7cf2d18e98d57f35caf53ebbc7556fb

Score
10/10
onlyloggerloader

Malware Config

Targets

    • Target

      45cf856f06e0fa7ff0bf65c620d29b2ad7125efeaf9f0ef2dbd71eca7fb5683b

    • Size

      434KB

    • MD5

      bd9c163f9a299b73f0ba445823d2377e

    • SHA1

      66789c2eeec3524beec9ca434d93dbc9fba1ceaf

    • SHA256

      45cf856f06e0fa7ff0bf65c620d29b2ad7125efeaf9f0ef2dbd71eca7fb5683b

    • SHA512

      51f6740a9e84d5de9963ef6cfb2f0e77a23847df9930484e9924104531ffadcc0aa08053faa24bfbefff16f97a299811e7cf2d18e98d57f35caf53ebbc7556fb

    Score
    10/10
    onlyloggerloader

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • OnlyLogger payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks