General

  • Target

    25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430

  • Size

    34KB

  • Sample

    221029-yjnq2acec6

  • MD5

    a3526a2d7f883651152991ee56bb1e24

  • SHA1

    d0238cdbe3176cd05225fff7ef26a0055b6e57b6

  • SHA256

    25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430

  • SHA512

    7ddbeb1a6b3e103d13dd3a5cc4848b64662635f1a9b500c43b1c9816e3504c5421cf38561694b8110b604518de1a727be105d22529064f2e26956dcbe04dbfe5

  • SSDEEP

    384:LLTcHxgGK39CIKgOJQ8hAldtqoi8meQs8zT2sbOkRLT9npzl+1PiXzn5gf1kz4uQ:f8pK3s4xTFQlasJpMqXn4uH/+kSv

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    3012961595

Targets

    • Score

      10/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks