Overview

overview

10

Static

static

43a87fd0bd...59.exe

windows7-x64

10

43a87fd0bd...59.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43a87fd0bd1c72b0b0ee5460e688c65344677bcb451f90c74bc34b0492ce6159

  • Size

    387KB

  • Sample

    221130-w5p5wagf9w

  • MD5

    829904d7b9a2352fcb43eb58a986eba3

  • SHA1

    5bd57bdac68fa0d740518e9efe40c983685f462e

  • SHA256

    43a87fd0bd1c72b0b0ee5460e688c65344677bcb451f90c74bc34b0492ce6159

  • SHA512

    b3c87fa4c8d57ae8e6ea1601c8a7beef39e302e51cdfe2d2f5297ef47149ee4ebf248701e34538d1530a655526d9ec93f1851f1abb8145be1bdd52b1a75c1cdf

  • SSDEEP

    12288:ogfusyU6qxYr231b4NZYZoOCPdD6AxJWv4:vfF5YYEOOD6Sf

Score
10/10
onlyloggerloader

Malware Config

Targets

    • Target

      43a87fd0bd1c72b0b0ee5460e688c65344677bcb451f90c74bc34b0492ce6159

    • Size

      387KB

    • MD5

      829904d7b9a2352fcb43eb58a986eba3

    • SHA1

      5bd57bdac68fa0d740518e9efe40c983685f462e

    • SHA256

      43a87fd0bd1c72b0b0ee5460e688c65344677bcb451f90c74bc34b0492ce6159

    • SHA512

      b3c87fa4c8d57ae8e6ea1601c8a7beef39e302e51cdfe2d2f5297ef47149ee4ebf248701e34538d1530a655526d9ec93f1851f1abb8145be1bdd52b1a75c1cdf

    • SSDEEP

      12288:ogfusyU6qxYr231b4NZYZoOCPdD6AxJWv4:vfF5YYEOOD6Sf

    Score
    10/10
    onlyloggerloader

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • OnlyLogger payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks