601ff38ad680f9e707e122f8b9bcd3f9f57e10c7403c7adee0cf570b1924b8ee

General

Target

677e4c55e7f8f97eda933525c8ed77ab.bin
Size

23KB
Sample

230322-btl9maeb35
MD5

14f86c6cc2d386dbaf1fae1084a1dfa8
SHA1

a6ecac74fb90ba7956381994447ad6329d3748bf
SHA256

601ff38ad680f9e707e122f8b9bcd3f9f57e10c7403c7adee0cf570b1924b8ee
SHA512

a96a640f8f99d1850f4fa0e54cca7a9afb25952c90f8f5b5f944c39d4d37179d3827afc5b240c8f5f59cf15d67b21fa3630357dcaa91e115cf9a5e8075390f8e
SSDEEP

384:8AKw3RSp/gKKb9lERtYZVNB3RxDThv+7GBW3W4T5deMF+9EdzcXvbJmTv+Dijoac:V9RRVHc+D3RLv/M9IYJUvbJfD0oac

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://onestopsilkscreeners.ca/o6g4bt1/SHkwxN

exe.dropper

https://smeolbd.com/ntaUX/gT17uB8zXQQ1

exe.dropper

https://sobanaze.com/cJn7i/KIeo1

exe.dropper

https://kingzunlimited.com/VvAmv/HrBnUeEt83Z

exe.dropper

https://odwazig.nl/xNV7x/AHwPIvNXWMJ

exe.dropper

https://discountlandllc.com/uUbH/FEnP9o3WZa

exe.dropper

https://canadianused.com/euSgOJA/hcrqV3k2SO

exe.dropper

https://getcash2surveys.com/0HFE0G/Kz55wwkxZ5

Targets

- Target
  
  90136d6f6a748093254c25d77154148ad20f27a98febcdca2fa287a1b898f732.js
- Size
  
  65KB
- MD5
  
  677e4c55e7f8f97eda933525c8ed77ab
- SHA1
  
  ddf062a6ef5059d59d9e39a8daa270727cd059b5
- SHA256
  
  90136d6f6a748093254c25d77154148ad20f27a98febcdca2fa287a1b898f732
- SHA512
  
  790cc86a95f0bf90aee9ea50424bc7cb78d9fdb971f0ff737a968e549b85baa8be10c24f0a7ccc451b266c02065f7152ac2a7e2ba3f5275b55f6438ae95379f6
- SSDEEP
  
  768:XnAhHZ0CV2Fh1EwUBlKKKUUq3ee7Nr3G9iPxVEysavZA8S5il2FWWtlQvThUxuTB:QX0/0QYD2QWiUQkEZKMicsPe
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2