Resubmissions

29/03/2023, 12:40

230329-pwj4yahh4y 10

17/01/2023, 20:25

230117-y7at3sfc63 1

General

  • Target

    Shipment Documents.one

  • Size

    1.0MB

  • Sample

    230329-pwj4yahh4y

  • MD5

    fc54858ae2e48c9dbe562f68107d1928

  • SHA1

    70352ca74fa8d31d6b1779b56c4fb16834d4e4c6

  • SHA256

    9bf99fc32dc69f213812c3c747e8dd41fef63ad0fd0aec01a6b399aeb10a166a

  • SHA512

    4754fa0f4554a244b2169dde830eb9fef3be4171f42c29be8d261ab10d9f799db7bb516fe64d1fe6f11215570466101c704d5766922445ef180a1fad676720b4

  • SSDEEP

    384:GowNvmTlRXVr9qn+KDfx+ZJOEgJ+63gSYW0+:H3lRXVwrkwEgJTgSYWr

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
