General

  • Target

    fc17d82965b92af78c6925ff2e6d966b879e1a623850a9306a5e01ba13c546e4

  • Size

    5.4MB

  • Sample

    220804-e18yrabhek

  • MD5

    9443893f08c65fdae127a1c16f8a7600

  • SHA1

    5eefe94a12c0d06b05cfdd6159e5cfe59e3331bf

  • SHA256

    fc17d82965b92af78c6925ff2e6d966b879e1a623850a9306a5e01ba13c546e4

  • SHA512

    45a01935d3874e3ed73c6b90956191132386424fa248a4f8723ee6d4575109374fb39b169ff3ec41a6e68f36b119d8475f90fc7fe8bec68b1f3082f9f22e7ee8

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry: 1 (T1012)

  • System Information Discovery: 3 (T1082)

Tasks