General

  • Target

    025c9b54aa7361d86eb1a87a3f2f7ef5

  • Size

    436KB

  • Sample

    231224-r9fpsaceg9

  • MD5

    025c9b54aa7361d86eb1a87a3f2f7ef5

  • SHA1

    ac26a398539148f9a672ab621daf8c11d3017982

  • SHA256

    b62f6e04ee510d89e1fcb7f1abcc12965cdd036ffa3609af9f8591b863a41937

  • SHA512

    11d9cc21eddebb451055bf237ea47b7825a615cedadba46526f7bf30d9b70a389b576663713ee4e573b6471ab34741f53cc9e4bf0c4780aae9e7eb24eddf7e94

  • SSDEEP

    6144:69qCNQSrAjJaTgqNsFotzvWwXSswVkSpXve3hB5+aGlx69LCf8brCheQVQ8+shmj:693M80qNAot9XSswV3pXblwdCAISl

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://www.chipmania.it/points.php

Targets

    • Target

      025c9b54aa7361d86eb1a87a3f2f7ef5

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
