9f01d57b718a1da40519eb98333fd2ec2ca044c9d33a60311424dcff9142a2d3

Sharing

Copy URL

Twitter E-mail

General

Target

fotoschema.rar
Size

2.1MB
Sample

221228-zwmvyabf39
MD5

296704df761f178cc7d1cfe56e2440df
SHA1

ba05e14acf2b1bd0240511a21e33f5045a8280b6
SHA256

9f01d57b718a1da40519eb98333fd2ec2ca044c9d33a60311424dcff9142a2d3
SHA512

5843fa8340d577e0182e5dfb7e3c50e85c1699d99fd5ad5c60212db1860a6411a16888b0815c355af530162e902c58c25a08f39a11081158b1435907b6dfa6a7
SSDEEP

49152:7frhcXSCJIhoAbcXSC/0xkKscXSC6vscXSCU8/UycXSCiQhR6ajNicXSCNZ:7yXSCJOoAYXSC/0xj5XSCUXSCiXXSCic

Score

7^/10

Malware Config

Targets

- Target
  
  WhatsAppImage2012-02-20.exe
- Size
  
  710KB
- MD5
  
  fca2523902a26b9d9069c4f7bc276412
- SHA1
  
  e5798517668c4ea40cf21a7cf0562eca8fd142ea
- SHA256
  
  acd49cc5cb7a530b0ffa7e3de893978492f7cf57bf67174109b7f20b576532c3
- SHA512
  
  6846663d3d9ab02dd54d1f2d2c3e2dfe02590892b4c4fc05175a84e9e39a2be567b9ca45c02b1bd6da1af66bd4a3059c9a4a82dfc8768e0bad08a252a3c56f56
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFt5cubIZabOh7yMv5HAoaFRtIobpb6:B2G/nvxW3W25bI0b0OmgNFMS16
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  WhatsAppImage2012-02-21.exe
- Size
  
  710KB
- MD5
  
  8164f8d7e5ed7ca6457388ee60e1d2f7
- SHA1
  
  28cee1ce8b27865cd98274a177472b26f034ec4e
- SHA256
  
  11a2b60a677a0f234b9a3548b1920a426a734fdb2a932494715709d20e24e438
- SHA512
  
  bdca059472f2060b9d4c52d66e2efad5b14d7bbf1f83176b94e0fda4882acd186049a5b03ba9e40dd1081412d73ddb063366138a32c02253caa90b2c39608fc6
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtPW72ia1Uqxay6WiPxXy1ccOoxoBo6tyOp1bbQQ/Au/2x:B2G/nvxW3WVaF1Uqx96WiNI7oBoUyOpY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  WhatsAppImage2018-11-08.exe
- Size
  
  710KB
- MD5
  
  219c5eb00f868876e5c9312e95b2eeca
- SHA1
  
  ed31b7af3a5c3ac92f58bcf5443c2848bdef9ae4
- SHA256
  
  202375a8783c3538f12eb5d89c3b62e3aca41074e0879d00e68de959020bf641
- SHA512
  
  80470e7e576f7b14ccc52c23877b52cde3d26d578e0db735dfe967a5438b8e7739aed5d7bad3f1a7edffe93ca39d58451fb49077415578a6e06f52fecbfed71f
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtHuxjqkcFeAZ/2IGlX0zobpb6:B2G/nvxW3W7mjeAhzS16
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  WhatsAppImage2019-07-12.exe
- Size
  
  710KB
- MD5
  
  b289b16e247d361a74d124748f448ebc
- SHA1
  
  f12edcbb1beadc1b4b4a50321ab4214648e6e33f
- SHA256
  
  e5c175b2649b6f29141c4f78ed7d4a56bb695f339c3f255b0808bdd0c545832d
- SHA512
  
  d5f02889d6fc90143666ebf6616c3c67ebde9b4615c59902f2077616e761500b2bf5b5991221bb73ffffdd4bb7056656a0780b730211a4b607b402978500ad0d
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtkBZIzKXNJzsT79/jBVtQlERwoQ0hh6uD+hzphI+IOfF0:B2G/nvxW3WrIOXMtZ7Q0oNwS16
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  WhatsAppImage2020-05-02.exe
- Size
  
  710KB
- MD5
  
  6c5c0814edcde5281375b981a2a83bc0
- SHA1
  
  49ecd327bff48b2b72d23ebdc3d4e306472b14e4
- SHA256
  
  f47de5bf22771b15d5bbe320aed114c1782acb9d3c56025b817237ef6621c1f8
- SHA512
  
  ffe6b981e5b18ec25e017b1c817b343037d08deda477697847f2552192fe0c47bb30e6a9c6c0979af2345057516b2440dabc7bc77843c970a102e0648c795e0f
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtKAp2QEa+aZAD7kcYVdFY7SRppppZExPobpb6:B2G/nvxW3Wu2Qb+BWduuXExS16
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  WhatsAppImage2020-05-29.exe
- Size
  
  710KB
- MD5
  
  2183724382a902c4af6f5d51f49e073d
- SHA1
  
  248c425b66406877e3dbffcd6cd6733e431e17be
- SHA256
  
  9913cad0198c5abce2c96e6af680bfd456f60403db974a4762900295d58d5200
- SHA512
  
  50f3f1ec4a83f2902a0834b4d1a9127e856ec404a0358225147a789ee3f3e9d0ca1b6ca8185e30408b7f0d7c24000274462403e6e06b1fe84ae330bafbb597dc
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtIhOgQb2IxZ0jP81IDhvo9UyU/VDUlwNNU2obpb6:B2G/nvxW3WfhOg+YT81mw9U1/pUlwTSY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  WhatsAppImage2022-01-11.exe
- Size
  
  710KB
- MD5
  
  9075ea5fe89b209181a2fb87dedf7eac
- SHA1
  
  0c84c9988d178fffda5cbc6834e3fccd2f3e0931
- SHA256
  
  425edf2e99de2b5a87ac58201660c9d802f3a6730782b1caf1222444ef92b9e1
- SHA512
  
  e260669e64acacc7b06c184ffe86589206580515ac577d1dd8fe4c89f55691ff89590056bc16d2c62bf73f0d5c9ecf57bab6912103b5f6bed98825d3ad7ffb7c
- SSDEEP
  
  12288:JRZ+IoG/n9IQxW3OBsFtnhcCDvBiDfVTtGllobpb6:B2G/nvxW3Wt4iDf/US16
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14