3fab5f50508bbe6448732bf7109927433c9e03e7e1449b0de6a2ee667121babc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a16deef4be529d34707cc3f94f8b84bb.unknown
Size

84KB
Sample

240107-x6gessddc5
MD5

a16deef4be529d34707cc3f94f8b84bb
SHA1

df584f8fd9c0616c0bcc29f30aed62f9bfa64e5e
SHA256

3fab5f50508bbe6448732bf7109927433c9e03e7e1449b0de6a2ee667121babc
SHA512

84e2283503b32fe226c3c9ec3f92360e31329a43b21e0b5cbbf90e829ae49b4e2f6c67b9ae2f94d1aac9635171c73a5e04601a09ccac0d4fdb4acb2b033a414f
SSDEEP

1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oF:59Ry98guHVBqqg2bcruzUHmLKeMMU7Gv

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

- Target
  
  a16deef4be529d34707cc3f94f8b84bb.unknown
- Size
  
  84KB
- MD5
  
  a16deef4be529d34707cc3f94f8b84bb
- SHA1
  
  df584f8fd9c0616c0bcc29f30aed62f9bfa64e5e
- SHA256
  
  3fab5f50508bbe6448732bf7109927433c9e03e7e1449b0de6a2ee667121babc
- SHA512
  
  84e2283503b32fe226c3c9ec3f92360e31329a43b21e0b5cbbf90e829ae49b4e2f6c67b9ae2f94d1aac9635171c73a5e04601a09ccac0d4fdb4acb2b033a414f
- SSDEEP
  
  1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oF:59Ry98guHVBqqg2bcruzUHmLKeMMU7Gv
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2