General

  • Target

    bc8a3f79-94d7-43c5-bf5c-8d164ba1c859.zip

  • Size

    221KB

  • Sample

    221101-mss7bsbhgk

  • MD5

    4f4231ca9e12aafac48a121121c6f940

  • SHA1

    7bd217554749f0f3c31957a37fc70d0a86e71fc3

  • SHA256

    be604dc018712b1b1a0802f4ec5a35b29aab839f86343fc4b6f2cb784d58f901

  • SHA512

    e900e1ad20a64dabba711b74c2892c3063e438a3f57c28565e75a57e908166ec8864efca56bdce4ce8ecbfcbeda2d81e5175237d0882cdb58023b6512d9c7206

  • SSDEEP

    6144:fVjsN3XWRCwiZ4s5RAxzuZ8ckpj51OasCVhfBD:ficRCwiZH5REzuGLkohf9

Score
8/10

Targets

    • Target

      demurest.cmd

    • Size

      710B

    • MD5

      586fe6d361ef5208fad28c5ff8a4579b

    • SHA1

      bf4177381235393279e7cdfd45a3fa497b7b8a96

    • SHA256

      364d346da8e398a89d3542600cbc72984b857df3d20a6dc37879f14e5e173522

    • SHA512

      bb702af1aeba2b2ccf317404f601a61457fee2348a07c55324afee32406a0ab436b49a54eee2500f3620382f066d6912724ba7cb3cf4b4b1ee4997a3a922b8ea

    Score
    8/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      documents-9771.lnk

    • Size

      2KB

    • MD5

      51e416c3d3be568864994449cd39caa1

    • SHA1

      ee1c5e9f1257fbda3b174d534d06dddf435d3327

    • SHA256

      57842fe8723ed6ebdf7fc17fc341909ad05a7a4feec8bdb5e062882da29fa1a8

    • SHA512

      020cc070c30e5cf192145056b24198846b9cc856ba001924eb95d439d521cffc5c133f7c8506724a2e53083fb5cd8343945370094ed1e1923ca3e9622526bcd8

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
