General

  • Target

    103c0a1116fdbb71a673ba845cff1ef9

  • Size

    110KB

  • Sample

    231230-gdkzhshfc6

  • MD5

    103c0a1116fdbb71a673ba845cff1ef9

  • SHA1

    d016efed452c192b205e9f7e3d830f4deb4cb745

  • SHA256

    c866f50e1724b7a93af2a49ce86ff2e46d68589dba15da975d8459d663c71d11

  • SHA512

    c0591a52f1efa154a89a12850ba69a62751fdc955bd0e7bf7baaf66ce351e9d6cdd3fc1a4864d4971bf42f5d6b98eab6eac7fb50ba9d4ba8a8ccd1c4225be945

  • SSDEEP

    3072:LV4yZwcpVYvvIWq9Ry98guHVBqqg2bcruzUHmLKeMMU7GwbWBPwVGWl9SZ8kV8G3:LCE9R9Ry9RuXqW4SzUHmLKeMMU7GwWBz

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (deobfuscated)

  • URLs (ps1.dropper)

    http://smart-integrator.hr/pornhub.php

Targets

    • Target

      103c0a1116fdbb71a673ba845cff1ef9

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
