General

  • Target

    9bae7ac9a2137a2ee80c91bdec7cf9e475a2c9e7822b1a2c63a63516cf00733d

  • Size

    386KB

  • Sample

    221130-rsjp4sbh4v

  • MD5

    b5b72dd8278704a788474db8f2f49ded

  • SHA1

    86e29037f5340e11c4ccd82f87ba63078478f8fe

  • SHA256

    9bae7ac9a2137a2ee80c91bdec7cf9e475a2c9e7822b1a2c63a63516cf00733d

  • SHA512

    cde580116165fa59ff82e979c09588af16984896b85c225c19cf2c58212f0e8c498918b9ed71954f3d84b6163fd7f0513bbe5dd28463aac906946aac6830bfcf

  • SSDEEP

    12288:TtJluZ+meKuRmj6E+hlYLyCRTG99vOKUol:jUQkEPYL1W5Oe

Score
10/10

Malware Config

Targets

    • Target

      9bae7ac9a2137a2ee80c91bdec7cf9e475a2c9e7822b1a2c63a63516cf00733d

    • Size

      386KB

    • MD5

      b5b72dd8278704a788474db8f2f49ded

    • SHA1

      86e29037f5340e11c4ccd82f87ba63078478f8fe

    • SHA256

      9bae7ac9a2137a2ee80c91bdec7cf9e475a2c9e7822b1a2c63a63516cf00733d

    • SHA512

      cde580116165fa59ff82e979c09588af16984896b85c225c19cf2c58212f0e8c498918b9ed71954f3d84b6163fd7f0513bbe5dd28463aac906946aac6830bfcf

    • SSDEEP

      12288:TtJluZ+meKuRmj6E+hlYLyCRTG99vOKUol:jUQkEPYL1W5Oe

    Score
    10/10

    • OnlyLogger

      A small loader that retrieves its next-stage payload through an IPLogger link.

    • OnlyLogger payload

    • Checks computer location settings

      Reads the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Deletes itself
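
The two behavioural signatures above can be reproduced from the raw sandbox event stream. The following is an added example (not Triage's signature code, and not anything recovered from this sample): it replays constructed registry-read and process-creation events and reports which signatures fire. The event shape, the sample path, and the choice of registry values (`Control Panel\International\Geo\Nation` and friends) are assumptions; the report only says that a country code was looked up in the registry.

```python
import re
from typing import Iterable

# Signature names exactly as the report prints them.
SIG_GEOFENCE = "Checks computer location settings"
SIG_SELF_DELETE = "Deletes itself"

# Registry values that expose the configured country/locale. Assumption: the
# report does not name the value the sample actually read, so several common
# ones are matched on their path tail (works for both \REGISTRY\USER\... and
# Sysmon-style HKU\... spellings).
GEO_VALUE_RE = re.compile(
    r"\\Control Panel\\International\\(?:Geo\\Nation|Geo\\Name|sCountry|LocaleName)$"
    r"|\\Control\\Nls\\Language\\Default$",
    re.IGNORECASE,
)

# "del"/"erase" as a command inside a cmd.exe command line; the deleted path is
# checked separately against the sample path.
DEL_RE = re.compile(r"(?:^|[\s&|])(?:del|erase)\s", re.IGNORECASE)


def _norm_path(p: str) -> str:
    """Case-fold and strip quotes so paths from different log sources compare equal."""
    return p.strip().strip('"').lower()


def run_signatures(events: Iterable[dict], sample_path: str) -> set:
    """Replay sandbox events and return the set of signature names that fired.

    Event shapes (constructed for this example):
      {"type": "registry_read",  "pid": int, "path": str}
      {"type": "process_create", "pid": int, "parent_image": str, "cmdline": str}
    """
    hits = set()
    sample = _norm_path(sample_path)
    for ev in events:
        if ev["type"] == "registry_read" and GEO_VALUE_RE.search(ev["path"]):
            hits.add(SIG_GEOFENCE)
        elif ev["type"] == "process_create":
            cmd = ev.get("cmdline", "")
            # Self-deletion: the sample spawns cmd.exe, which deletes the sample's
            # own file once the parent has exited. Requiring the sample path in the
            # command line keeps unrelated "del" usage from firing.
            if (_norm_path(ev.get("parent_image", "")) == sample
                    and DEL_RE.search(cmd)
                    and sample in cmd.lower()):
                hits.add(SIG_SELF_DELETE)
    return hits


# Constructed sample path and events, modelled on what a sandbox would log for
# this kind of loader. The SID and PIDs are made up.
SAMPLE_PATH = (r"C:\Users\Admin\AppData\Local\Temp"
               r"\9bae7ac9a2137a2ee80c91bdec7cf9e475a2c9e7822b1a2c63a63516cf00733d.exe")

EVENTS = [
    {"type": "registry_read", "pid": 1892,
     "path": r"\REGISTRY\USER\S-1-5-21-1000000000-2000000000-3000000000-1001"
             r"\Control Panel\International\Geo\Nation"},
    {"type": "process_create", "pid": 2104, "parent_image": SAMPLE_PATH,
     "cmdline": 'cmd.exe /c ping 127.0.0.1 -n 3 > nul & del "' + SAMPLE_PATH + '"'},
]

if __name__ == "__main__":
    for name in sorted(run_signatures(EVENTS, SAMPLE_PATH)):
        print("signature fired:", name)
```

The geofence match is deliberately broad: a sandbox that records the full `\REGISTRY\USER\<SID>\...` path and a Sysmon feed that records `HKU\<SID>\...` both hit the same tail regex, so the rule ports between the two sources without change.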

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic     | Technique                    | ID    | Count
  -----------|------------------------------|-------|------
  Discovery  | Query Registry               | T1012 | 1
  Discovery  | System Information Discovery | T1082 | 2

Tasks