General

  • Target

    ESPOTIFY SIN PUBLICIDAD.rar

  • Size

    70.4MB

  • Sample

    230125-lzganshc81

  • MD5

    cd3d24a84871a4fd26cca3636126441c

  • SHA1

    b6edb749c81d1d3777e7af1aa6115304e7de31da

  • SHA256

    b7969504a01437385f5865aef152e0b32b2a1344620ec08aa98c1bac580eff4b

  • SHA512

    7ac905d0a159ae65c386ab76b002706800cf0d0a37abfc85e14bf3a3717118c4aa280866cf543e53224cf81ec4b8ffd54c5716b8ebe977c56d3b2e931a5ccae4

  • SSDEEP

    1572864:t6PAadPzirEeifgraAPKzEuhW+EtMlSKiD8J5pijGvMVl7ma:tSPzirEmrJPKwuh0W88J50/Vl5

Targets

    • Score

      3/10

    • Target

      ESPOTIFY SIN PUBLICIDAD/Spotify1-1-73-517.exe

    • Size

      70.6MB

    • MD5

      567a2857c6f4b381ce27107cb392c0e9

    • SHA1

      ca57b08470d6281792ba78d722d48718d3439d79

    • SHA256

      9e71d03181600209f01eb261db7ebf6fbdfee38ec1ac1974d7f61f75895473d3

    • SHA512

      0850eda05cfdac6fe7d678bb6e22040cbe856ed6bd78c68a52846a40fc6c89a10ce95567df8d62f461193ff3929dca4a6b6c0b5bdc3cf1f661b8f420fc281336

    • SSDEEP

      1572864:6Vt/59XSZMUZ7Q/3PjtWomEglhE5Hm2Fyh4vWVN9FNXLs:kpXSZzNQJ9glhE5rFyheWL

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      ESPOTIFY SIN PUBLICIDAD/install.bat

    • Size

      4KB

    • MD5

      1e2f0cee168e9efbf71954a91c155356

    • SHA1

      1da5b5d28d83b51ee58895b48488a22d1dc49897

    • SHA256

      4cd8cc1a84521644561b76338aabcf7c1d7681564b0415b0a548b6a8e9700a73

    • SHA512

      593cbc366c79e7f2b0dda7260363305e9cd112f665a7375998b34f9a8792f9fb2313e36b17b587010f7d29b24221da756dee1a84f65628e69037a40952d52c64

    • SSDEEP

      96:qGQ9HHSDNcCMOQMYAMlVu7YOnMkycpy1Xq0RHqs0V:qGQ9nRY3YHXuMOMkycpy1XBqs0V

    • Score

      1/10

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic             Technique                             Count   ID
  Persistence        Registry Run Keys / Startup Folder    1       T1060
  Defense Evasion    Modify Registry                       2       T1112
  Discovery          System Information Discovery          4       T1082
  Discovery          Query Registry                        3       T1012