ede0b2b6a133e9cd0de0be1e197aabeff35609e2f3eb560bbdaaa0502bfc8b62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8510c100e3355f6636ee4a821ae4b9d.unknown
Size

96KB
Sample

240109-xmy6hahgg3
MD5

e8510c100e3355f6636ee4a821ae4b9d
SHA1

ac94b1b97a8edc7058691e4e02fc65e129de9cff
SHA256

ede0b2b6a133e9cd0de0be1e197aabeff35609e2f3eb560bbdaaa0502bfc8b62
SHA512

ffc2cf7b49985e029e2e18ac834f9a3759b40c601de3fa953993654447f70abe12ac8c12e02c21d99f8e51cdd5d115588db6902752b309bf732bbf9e52dd85d1
SSDEEP

3072:59Ry98guHVBqqg2bcruzUHmLKeMMU7GwbWBPwVGWl9SZ8kV8Gd5bzIvt/4g5eaXh:59Ry9RuXqW4SzUHmLKeMMU7GwWBPwVG6

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

- Target
  
  e8510c100e3355f6636ee4a821ae4b9d.unknown
- Size
  
  96KB
- MD5
  
  e8510c100e3355f6636ee4a821ae4b9d
- SHA1
  
  ac94b1b97a8edc7058691e4e02fc65e129de9cff
- SHA256
  
  ede0b2b6a133e9cd0de0be1e197aabeff35609e2f3eb560bbdaaa0502bfc8b62
- SHA512
  
  ffc2cf7b49985e029e2e18ac834f9a3759b40c601de3fa953993654447f70abe12ac8c12e02c21d99f8e51cdd5d115588db6902752b309bf732bbf9e52dd85d1
- SSDEEP
  
  3072:59Ry98guHVBqqg2bcruzUHmLKeMMU7GwbWBPwVGWl9SZ8kV8Gd5bzIvt/4g5eaXh:59Ry9RuXqW4SzUHmLKeMMU7GwWBPwVG6
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2