37dea5282d43e914eb0e82f766454b165695fd15d27f18ad9f3edc7f4146830e | Triage

Sharing

General

Target

269805cac07dd3f5ad1f9467bcdba40b
Size

65KB
Sample

231225-r4e63adag8
MD5

269805cac07dd3f5ad1f9467bcdba40b
SHA1

7dcd2788a4833bdd31024fdf0760dc3e3f243278
SHA256

37dea5282d43e914eb0e82f766454b165695fd15d27f18ad9f3edc7f4146830e
SHA512

16b47bc184cbc9ceae9d5d95b50a85e3c39b84e23fdf679a1817847001338b25abbc95ad520526b55ac31f069513ee2cb340381380a34e1b85f38561b09762b0
SSDEEP

1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oc:59Ry98guHVBqqg2bcruzUHmLKeMMU7G6

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

- Target
  
  269805cac07dd3f5ad1f9467bcdba40b
- Size
  
  65KB
- MD5
  
  269805cac07dd3f5ad1f9467bcdba40b
- SHA1
  
  7dcd2788a4833bdd31024fdf0760dc3e3f243278
- SHA256
  
  37dea5282d43e914eb0e82f766454b165695fd15d27f18ad9f3edc7f4146830e
- SHA512
  
  16b47bc184cbc9ceae9d5d95b50a85e3c39b84e23fdf679a1817847001338b25abbc95ad520526b55ac31f069513ee2cb340381380a34e1b85f38561b09762b0
- SSDEEP
  
  1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oc:59Ry98guHVBqqg2bcruzUHmLKeMMU7G6
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2