General

  • Target: INQ 27088-11001-1101-1 SA214.iso
  • Size: 310KB
  • Sample: 221215-rhyraafe31
  • MD5: 4f50f1736c0295c9aefd4bbd6aff7b4e
  • SHA1: fbbd1c1dd0eee1893473de3f95652ad7463f51ed
  • SHA256: 894f1ba89c9b109db62438a6acc95b03e21d29f4f69b0939db0ee7836338d784
  • SHA512: 730ba7881b55e6bfb7541a67ca671ef70acf7b405bf9bcf69f6c7ea7a89a7d4dbf9810c5b774025a05f8c618d76627ca2e6e1d300a35d8987d2d0bc6ef6d8d77
  • SSDEEP: 6144:WHNzuiqrRpvkhey1SK9CDEZnmVmFLGkO:cdqbvoqEU

Score
10/10

Malware Config

Targets

    • Target: INQ 27088-11001-1101-1 SA214.vbs
    • Size: 249KB
    • MD5: edc586eeca1c269f039f6ba227a578ec
    • SHA1: aa7d4af27bbfac7d1fba68b6af0b31beadd9cdf5
    • SHA256: a3eb1b2e6fe16cbc9bac9be7f8d65b49e6a1f630dd8f9d386737e0c9d8df3751
    • SHA512: f91f71dc1b0cf4757dc31785a16ada896f23ee54bf6e6bba15b4c03b5e88134e5243bf94191ac98e65b0e05701ca0663a53287f0d03d2ca6af5125ed52b1f78d
    • SSDEEP: 6144:bHNzuiqrRpvkhey1SK9CDEZnmVmFLGkOW:pdqbvoqEUW

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Enterprise v6

Tasks