General

  • Target

    dcd958a45d1d01fc04dc5b109215f39292b99b424f42f115467ca58a523a5900

  • Size

    5.8MB

  • Sample

    231221-wc51madgf2

  • MD5

    b6f6cfb32f3fd2a051b55548ce67ce09

  • SHA1

    f7119f34697138051279bbc4aa1c594c5527de59

  • SHA256

    dcd958a45d1d01fc04dc5b109215f39292b99b424f42f115467ca58a523a5900

  • SHA512

    8f5012529087a5f9b9e82be8606090ae831e808421d152558b7881de7e53f9e31d61b1a63840698ccf398bb79dc15e433419d5a4e2a6dd2c753ca2f9ee2686ba

  • SSDEEP

    98304:mQZcf96K0D4kvpuj61aX7mFDw4K17xPf81MS38JGEGe8uKsmfqayn:m0cEKwm0alxn81MS38cKmia

Score
8/10

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
