General

  • Target

    ac947b60dad17d0143cdf93e3714df9f.exe

  • Size

    37KB

  • Sample

    240107-x1jb7scccj

  • MD5

    ac947b60dad17d0143cdf93e3714df9f

  • SHA1

    6b0acd378f6cc3fab2e63b977b70fa62312d4bba

  • SHA256

    31c22a3015e2f1c692e46b71c2d463ea93c626cb8dc4d32f052489decd0d63ad

  • SHA512

    14f2111a025eacc6c8196f850bcf3a755b7995a30fa15b29ea3a83c45f43257c352a5b3fc7962dfcffb560f0d9dd1dced59cc18ee7ba8d0a0adf448a4e89122e

  • SSDEEP

    768:9YVKhmmRmjbqJhbE+rKdPoOf+v6isSp5T6aKFn3iFJzuw6rw2:aKhmmRmjGvbKdl668p5TRKFn3iFh6rf

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    analprobe

Targets

    • Target

      ac947b60dad17d0143cdf93e3714df9f.exe

    • Size

      37KB

    • MD5

      ac947b60dad17d0143cdf93e3714df9f

    • SHA1

      6b0acd378f6cc3fab2e63b977b70fa62312d4bba

    • SHA256

      31c22a3015e2f1c692e46b71c2d463ea93c626cb8dc4d32f052489decd0d63ad

    • SHA512

      14f2111a025eacc6c8196f850bcf3a755b7995a30fa15b29ea3a83c45f43257c352a5b3fc7962dfcffb560f0d9dd1dced59cc18ee7ba8d0a0adf448a4e89122e

    • SSDEEP

      768:9YVKhmmRmjbqJhbE+rKdPoOf+v6isSp5T6aKFn3iFJzuw6rw2:aKhmmRmjGvbKdl668p5TRKFn3iFh6rf

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks