General

  • Target

    3eae2dc2058951e908c5006baff22128.unknown

  • Size

    127KB

  • Sample

    240103-r3kedshce9

  • MD5

    3eae2dc2058951e908c5006baff22128

  • SHA1

    56c2577c8e66e0a6e92d8e6f79e2e9afaf6152c9

  • SHA256

    787aae4cc73606a0b216973dad3c95e6e541966157bf3873f7ba8b38298d6ba8

  • SHA512

    6ba94f28d96e8c06b7b8589fdf2a0efaaab96012762d66942dff1fd5a988e5bdeb4b2286e04f9313ab5f87f07430e005dd7e4205aa8015631f5c8adf1b71ad02

  • SSDEEP

    3072:0XtbL06VLNFAjWWFFVU5qRHWniD3XgwB71PheQJLkPaE4xTmCg4PdhOexAd/3xI:0Xt/0D5yyE4xTFGAAU

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://jolantagraban.pl/log/57843441668980/dll/assistant.php

Targets

    • Target

      3eae2dc2058951e908c5006baff22128.unknown

    • Size

      127KB

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
