General

  • Target

    11012024_0007_2 _ Project budget and candidate salary..lnk

  • Size

    53KB

  • Sample

    240110-tksddsbfa8

  • MD5

    10369f2b0ad5c9899bbb48e39baeedae

  • SHA1

    970fc66713a597c9059f31177ed9618472982c24

  • SHA256

    d1e5ce4e97e3ca866aac57eb293c764f56eda897b7685fd689cba9cdf5505fb3

  • SHA512

    ce4efa3bd1cf7752b8420b023d598ba156785b7d19303951dee845d46e6a645d2f1a93b397c3454fae51b120f7fa141c0a42c04aef6b9966e405759d39b9d8be

  • SSDEEP

    192:8Tb+sFcaygd21iq2HOXt12Py86uAd+7dYkMQ776SVzFSAsQgHuCMswPaod:o9B/RtH0t12JLL+kMKbSAsN4Jyu

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://thietbiytebt.online/file/

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://thiet

Targets

    • Target

      11012024_0007_2 _ Project budget and candidate salary..lnk

    Score
    10/10
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE
