Overview

overview

7

Static

static

3

MSVCR100.dll

windows7-x64

MSVCR100.dll

windows10-2004-x64

WebView2Loader.dll

windows7-x64

WebView2Loader.dll

windows10-2004-x64

3

exe.exe

windows7-x64

exe.exe

windows10-2004-x64

3

i7.exe

windows7-x64

i7.exe

windows10-2004-x64

7

jli.dll

windows7-x64

3

jli.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    m.zip

  • Size

    14.6MB

  • Sample

    231012-l346xacb8v

  • MD5

    ceae6e29e1a06e309da31211bdbf1646

  • SHA1

    f6b16ce69835a96b818d44b6bc8e7c9f1d468cbf

  • SHA256

    09f0823d593febe6989e64999c4ea5e92c78a57d44af084812628562f3d8d375

  • SHA512

    40b5af232d018f09fe4f314eec0ea74603e50518246675aaf2e792043479b16cf725f41aa5162605f78f8de70089c5d35bbb96cd45b11be56d6f3e031ad8472f

  • SSDEEP

    393216:2rIAPjbnxM4oD4NK/LF9wnwYOYRbQO6HcwkDNnNnmKyS/oqz:2rjjbnxt5NUJ9HYRR8OUcwk5Nr7/oqz

Score
7/10

Malware Config

Targets

    • Target

      MSVCR100.txt

    • Size

      755KB

    • MD5

      bf38660a9125935658cfa3e53fdc7d65

    • SHA1

      0b51fb415ec89848f339f8989d323bea722bfd70

    • SHA256

      60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

    • SHA512

      25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

    • SSDEEP

      12288:yMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BV0eAI:dmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV4I

    Score
    1/10
    behavioral1behavioral2

    • Target

      WebView2Loader.txt

    • Size

      105KB

    • MD5

      61e6b94ab6109254fbef360681f5b80d

    • SHA1

      204a5eda5fea33a56edb33b9ccd40af635a04564

    • SHA256

      446b4d19ed8fa1563b77a7f36261b76911b208af1d00a805d54e44b01ca3f54a

    • SHA512

      93fad29f13c0a18e4864ddf57aeba882fb411b84f6dff993b87295a1b5e4b488433802c2150fbf25a3132379dc2eb3aa02d836059b0ef24a2db4269eb0795a9b

    • SSDEEP

      3072:iTC3F6JkULenwAFqz5pV3+Zqocv0T+EtO5pf+gMl/1:iuV66kL5pjxEtqpWRl/1

    Score
    3/10
    behavioral3behavioral4

    • Target

      exe.txt

    • Size

      872KB

    • MD5

      c56b5f0201a3b3de53e561fe76912bfd

    • SHA1

      2a4062e10a5de813f5688221dbeb3f3ff33eb417

    • SHA256

      237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d

    • SHA512

      195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c

    • SSDEEP

      12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01

    Score
    3/10
    behavioral5behavioral6

    • Target

      i7.txt

    • Size

      15KB

    • MD5

      4afcab972e98ecbf855f915b2739f508

    • SHA1

      615dc2fa827fab39e16a7e9721f484e7f4d34f8e

    • SHA256

      7cc34a5423bd3fc9fa63d20ebece4103e22e4360df5b9caa2b461069dac77f4d

    • SHA512

      58258f74d7e35c5a83234a98bc033846be5a65146bd992e738a8678706a18c30759bd405fbb30a296181e2f92acb0219df8979030cc45d1cdec6ac06e8bc00d5

    • SSDEEP

      384:Gpsx5cnV21mSHhV8b+lee84SzFnYPLr7aq:GpscnfS/8KUe8jC7aq

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral7behavioral8

    • Target

      jli.dll

    • Size

      10.6MB

    • MD5

      7f59923d6c195d1e4644ea0aab0a6093

    • SHA1

      042644ac6b31abc1ecad03eff0fded6c59e0c011

    • SHA256

      bc53422caf26854cfe8bbb718fc971d99d8cc977f422783a67e3de99c35debc4

    • SHA512

      833723430f17bd8abdfa2d4a9cca205fc806af0053bf560aa801f9bcb0bb9bdbf3d1f96de37a29aa0a2f4179e7ef0e4fdea30101d3ad5319a4d7d17001c16570

    • SSDEEP

      98304:wegO4ORyHiDownH1RunXn3tnpDYMe5bScwalZLCwpokCFCxJD9LKD:wLO4AWXnDW5i

    Score
    3/10
    behavioral10behavioral9

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks