General

  • Target

    tmp

  • Size

    306KB

  • Sample

    230327-en9drade8y

  • MD5

    3023e739cfa1394e680f4dd2d4ca43ba

  • SHA1

    bdea1c13af13763cddf2a134ec1d272f43081749

  • SHA256

    1485eec815dd8ddecd0149e13f7486df102667c4da1a524101f6eb08f6548814

  • SHA512

    001ecdf994dad7bd92d874f37fa4d7f8027b376160c3dea0f6f6da6a3364adc17e2524fdd29e3cf41b4f52195c5a14ae5ac64f142277456df268eb0b01fa6df3

  • SSDEEP

    6144:vYa6U3ctjJiHPKgFEV7B5wvWsTq/ylTwgNo9QowyDmOggt5lDjOE8pH5a:vYaMZJiHPKuEVF5VsTq6lcdQowyCelDR

Score
7/10

Malware Config

Targets

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks