Resubmissions

23-01-2023 12:43

230123-pycsmsdb84 7

05-07-2022 14:19

220705-rmt9naaaen 10

General

  • Target

    lidan.exe

  • Size

    124KB

  • Sample

    230123-pycsmsdb84

  • MD5

    2e1ed9a6411f5457e15eb9962d9badc3

  • SHA1

    bf803cfd24fe8e890e2bf420a9e27567b878f000

  • SHA256

    97ead2057976cc989c024fa9ad761549fa57e53b16ca38aeecf3aa70da77c0ea

  • SHA512

    b9d3be71b33b9eea68dd7274e7cb587fa5d59c073f134db147a7d74c357d8f5037a75cfa086c838129ec88a3961061f1e8d95ba00d63ceca5db79674df8cf917

  • SSDEEP

    1536:cqTAZ3SbqVbJhTlNFsV7mt7F/E/8ZhtaOlrttD9zpqN:hu3SuVbblHzcwtaOxttDBpqN

Score
7/10

Malware Config

Targets

    • Target

      lidan.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
