General

  • Target

    4a59252d37791d7d698c2c40c377fdde

  • Size

    91KB

  • Sample

    240108-d992qsaedj

  • MD5

    4a59252d37791d7d698c2c40c377fdde

  • SHA1

    a9cb585252859a21bc068a1b448bf887a3aa43a6

  • SHA256

    c9595bb2978642500e6dabde90772672829261c439e331c706325f2ae53d1d3b

  • SHA512

    33d066835c14f6b1dc603e801a22a305df6659d65e6324c9855826a372f31de73a875c7aa84f5507b735c64e88a51864dc3d88e3a59d1ba68c071b1d600f3148

  • SSDEEP

    1536:59Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kV8Gp/5bzIEN4t/oi:59Ry98guHVBqqg2bcruzUHmLKeMMU7GE

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper

    http://smart-integrator.hr/pornhub.php

Targets

    • Target

      4a59252d37791d7d698c2c40c377fdde

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
