General

  • Target

    normaescolapaulofreire.com05839098.637350.88866.lNk.lnk

  • Size

    993B

  • Sample

    230420-jbs88aac81

  • MD5

    58ddaf977e23a1b3305cbaa958f2f8c7

  • SHA1

    9b59e71b9003a5d3335371007253ffbc310043d1

  • SHA256

    6ff069df0998db6be5e4e09bfeba878eda2192141d4ed66a67737f4629cce21f

  • SHA512

    e1f73ecf37dd6938b72cd6a4f3e320cabe2b6e9856c6e2abcb4dce4e8e062ebb2eeda8b57549e674a16509c35971713e875e2c87a070ffe7372f53f0af0afde8

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
