f205d469dd98eea2095573eea1e457b4c49cc0b1cf19fc73c624252eff88e63d | Triage

Sharing

General

Target

3f88ee0d8ddc4cf072ca0d20faf3e991
Size

94KB
Sample

240104-bpl33aecar
MD5

3f88ee0d8ddc4cf072ca0d20faf3e991
SHA1

7ae1672b470c71c99268e8e6f59d1838797f531d
SHA256

f205d469dd98eea2095573eea1e457b4c49cc0b1cf19fc73c624252eff88e63d
SHA512

8c01ad627f557ab98b7fbacc5d1457587ee192687eb0095aef2b65434735b23dd18360ccdf7d2f71287d2cb38ba754c7d2736ae22923dc3d8417b04ebdd3a18f
SSDEEP

1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oW:59Ry98guHVBqqg2bcruzUHmLKeMMU7Gc

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

- Target
  
  3f88ee0d8ddc4cf072ca0d20faf3e991
- Size
  
  94KB
- MD5
  
  3f88ee0d8ddc4cf072ca0d20faf3e991
- SHA1
  
  7ae1672b470c71c99268e8e6f59d1838797f531d
- SHA256
  
  f205d469dd98eea2095573eea1e457b4c49cc0b1cf19fc73c624252eff88e63d
- SHA512
  
  8c01ad627f557ab98b7fbacc5d1457587ee192687eb0095aef2b65434735b23dd18360ccdf7d2f71287d2cb38ba754c7d2736ae22923dc3d8417b04ebdd3a18f
- SSDEEP
  
  1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oW:59Ry98guHVBqqg2bcruzUHmLKeMMU7Gc
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2