General

  • Target

    49395e9a976fecaf7be1da8e35de3cfb.unknown

  • Size

    173KB

  • Sample

    240107-x3twqacdcl

  • MD5

    49395e9a976fecaf7be1da8e35de3cfb

  • SHA1

    bf1335904ff8066fbeceb55afce4219a51eb091d

  • SHA256

    196edd0df89390ef8a18a2f67c7df2cc82ca422c3fbf0b5edb9c3e6f3bb799d8

  • SHA512

    e4537aa376785221f8efd99afb2e7b149204106283c1547c70c6af85019065fe7af4ca64f07772a1fa3379b3bcf05fb7da62d6ce51c3d7f4d2bd5c40e62cb554

  • SSDEEP

    3072:0XtbL06VLNFAjWWFFVU5qRHWniD3XgwB7Rm6ISUf54VILbsuS4CdWZr9EKAHIPAa:0Xt/0Ds6PUf6VI0ZepEKXIwweu9cb0aR

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper

    https://jolantagraban.pl/log/57843441668980/dll/assistant.php

Targets

    • Target

      49395e9a976fecaf7be1da8e35de3cfb.unknown

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
