General

  • Target

    684ccc041b42d9017544a7c7c47e432b

  • Size

    366KB

  • Sample

    240119-wtd88sbbhq

  • MD5

    684ccc041b42d9017544a7c7c47e432b

  • SHA1

    792cddbcfc18d0598aa475d62c7e84c443ce7532

  • SHA256

    39210c5a9d6a3000c5ba162d01a4ac8c8187c2e8a83a4272aa1dcf7a714ee51d

  • SHA512

    967e6a45a7887d04ca1a9d1084ab774b34dc76cc8c6e3e8ba383fd08e4f604cbf60a7ffdc0335693957e281a24175671c4117b1e45c3ac985724c36b6ad07e40

  • SSDEEP

    6144:0Xt/0D8dhYBtPfgN7ss4e6uK+18CDyOscsyiDdXxVxDtV1m6IFPCGKaFHuEW8SB2:0Xt8D8dqfgNOYK+ucKxx13xytFOEwBYx

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://jolantagraban.pl/log/57843441668980/dll/assistant.php

Targets

    • Target

      684ccc041b42d9017544a7c7c47e432b

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
