58ac096c4b57fe64461e8a162889c4c23089bc13ddc1188d0063c2a1169f94b3 | Triage

Sharing

General

Target

59531cb95299227ef8a9102fe7b04323
Size

11.4MB
Sample

240113-y35hwsefa9
MD5

59531cb95299227ef8a9102fe7b04323
SHA1

028ab74b67c2e3a530bac4bf25ca072049aaee70
SHA256

58ac096c4b57fe64461e8a162889c4c23089bc13ddc1188d0063c2a1169f94b3
SHA512

7fb060f3eb4787293803a43c20978eb17760b74168eea629a79eaed2b41425edd6849f8773c3036449b3286298a4e6395079d9a730f0d684643294842a822472
SSDEEP

196608:k1EwMlSWxlhEu3DPwlhi81/s0d7fpIKFMfDQBJvoRpRkG0kRCIXRV+Yz:k1mlSW/uGDPwLi81/s0V/MLo6XRk+RCM

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://downloadcrypto.ru/soft/nbminer_37.6.exe

exe.dropper

http://downloadcrypto.ru/soft/Weakness.exe

Targets

- Target
  
  59531cb95299227ef8a9102fe7b04323
- Size
  
  11.4MB
- MD5
  
  59531cb95299227ef8a9102fe7b04323
- SHA1
  
  028ab74b67c2e3a530bac4bf25ca072049aaee70
- SHA256
  
  58ac096c4b57fe64461e8a162889c4c23089bc13ddc1188d0063c2a1169f94b3
- SHA512
  
  7fb060f3eb4787293803a43c20978eb17760b74168eea629a79eaed2b41425edd6849f8773c3036449b3286298a4e6395079d9a730f0d684643294842a822472
- SSDEEP
  
  196608:k1EwMlSWxlhEu3DPwlhi81/s0d7fpIKFMfDQBJvoRpRkG0kRCIXRV+Yz:k1mlSW/uGDPwLi81/s0V/MLo6XRk+RCM
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2