General

  • Target

    391907edbcb127ead0ea42ef7f4a599a9a86703edb75cc90c280e6b747d678ae

  • Size

    2.8MB

  • Sample

    231213-3bxfesaafm

  • MD5

    3c99d658ac64e2dfee90f16d6fda15f8

  • SHA1

    39181f51e93a537ca3e28a5a7bca424bfc4dcd0d

  • SHA256

    391907edbcb127ead0ea42ef7f4a599a9a86703edb75cc90c280e6b747d678ae

  • SHA512

    c87baeaacbf94cbd16d5a7efee9dc66e892bd3d1961d1a5ab872ada41f6f85fd24e0b983a733a7cd8d7f4a320d0702d02b45876f9bb5722368c78e312afdbf72

  • SSDEEP

    49152:VsePnVUSbpURC3BOBAPSQMUwa79lgNR9moji4gszvIVumIKsx4py1cXPyUQfic:2+t68BKAaQZwaZlU9moji5iv+umIjxbH

Malware Config

Targets

    • Detected google phishing page

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Detected potential entity reuse from brand paypal.

MITRE ATT&CK Enterprise v15

Tasks