General

  • Target

    8a46726ce577e0a6e461b736a04e95a5

  • Size

    39KB

  • Sample

    240202-xjsvbafbal

  • MD5

    8a46726ce577e0a6e461b736a04e95a5

  • SHA1

    230c9a00d4cee938d013964eba0727d0d4c01a6b

  • SHA256

    75f0d28fc12e326cc7188f594a13f4e28817d35ac9bac779bd005556d2a0b002

  • SHA512

    d8e7d0b5624dbf40f342b17b4205fc0a08f93cc4f52ce86ce9e0c6fd2e91ca492c0c267316d027ca649f086ca4672f538f1cf7c51b584b9147057a5c2d84dccd

  • SSDEEP

    384:GwDJ1AmI/k3TLll7Qz9l84K1E/wnGThs9ldefuJnn4n/uDUMnfHs2g1xj92wHKhF:GqJ1jI/wTL3IvM1swnIhEDeMnK/snCC

Targets

    • Target

      8a46726ce577e0a6e461b736a04e95a5

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer/protector, versions 1.3x to 1.4x (DLL variant). Packer signatures are byte-pattern matches and can overlap; this sample also triggers the UPX signature below, which points to either layered protection or a heuristic collision that only unpacking can settle.

    • Checks computer location settings

      Looks up the country/region code configured in the registry, a common geofencing check used to avoid running on machines in certain locales.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX, including modified builds of the open-source packer whose section names or stub have been altered.

    • Adds Run key to start application

      Writes a value under a ...\Microsoft\Windows\CurrentVersion\Run key so the program is launched again at every logon (persistence).

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules loaded into Internet Explorer as plugins. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, with the DLL path in the CLSID's InprocServer32 key, and run inside the browser with access to pages and traffic, so they serve as both persistence and an injection point.

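The check behind a "UPX packed file" style signature, as an added example that is not part of the sandbox report. It parses the PE section table by hand (no pefile dependency) and reports packer-like traits: UPX section names, an empty first section that exists only as an unpack target, and an entry point in a writable+executable section. The PE headers it inspects are constructed inside the script, not taken from the report's sample; the heuristics and thresholds are my own. Section names are trivially renamed (the "modified UPX" case), which is why the structural checks are there at all.

```python
"""Packer indicators from a raw PE section table (added example, constructed input)."""
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def parse_sections(pe: bytes):
    """Return (entry_point_rva, sections) parsed from raw PE bytes."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20                                       # IMAGE_OPTIONAL_HEADER
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]  # AddressOfEntryPoint
    sections = []
    for i in range(num_sections):
        off = opt + opt_size + 40 * i                     # IMAGE_SECTION_HEADER
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", pe, off + 8)
        chars = struct.unpack_from("<I", pe, off + 36)[0]
        sections.append({"name": name, "vsize": vsize, "vaddr": vaddr,
                         "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    return entry_rva, sections


def packer_indicators(pe: bytes) -> dict:
    """Heuristics a packer signature typically combines; each is independently weak."""
    entry_rva, sections = parse_sections(pe)
    names = {s["name"] for s in sections}
    ep = next((s for s in sections
               if s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"])), None)
    wx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    ind = {
        # classic UPX naming; defeated by a one-byte rename, hence the checks below
        "upx_names": bool(names & UPX_SECTION_NAMES),
        # first section has no bytes on disk but a large virtual size: unpack target
        "empty_first_section": bool(sections) and sections[0]["rawsize"] == 0 and sections[0]["vsize"] > 0,
        # entry point lives in a section that is both writable and executable (stub)
        "entry_section_wx": ep is not None and (ep["chars"] & wx) == wx,
        "entry_section": ep["name"].decode("latin-1") if ep else None,
    }
    hits = sum(1 for k in ("upx_names", "empty_first_section", "entry_section_wx") if ind[k])
    ind["verdict"] = "upx" if ind["upx_names"] else ("likely packed" if hits >= 2 else "no packer indicators")
    return ind


def build_pe(section_specs, entry_rva: int) -> bytes:
    """Construct a minimal PE32 header + section table (no code) for testing."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew
    opt_size = 224                                        # PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)
    secs = b"".join(struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, vaddr, rawsize,
                                0, 0, 0, 0, 0, chars)
                    for name, vsize, vaddr, rawsize, chars in section_specs)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs


# Constructed layouts: a typical UPX image and a plain compiler-produced one.
UPX_LAYOUT = [(b"UPX0", 0x20000, 0x1000, 0, 0xE0000080),
              (b"UPX1", 0x8000, 0x21000, 0x7600, 0xE0000040),
              (b".rsrc", 0x1000, 0x29000, 0x400, 0xC0000040)]
PLAIN_LAYOUT = [(b".text", 0x5000, 0x1000, 0x5000, 0x60000020),
                (b".data", 0x1000, 0x6000, 0x400, 0xC0000040)]

if __name__ == "__main__":
    print(packer_indicators(build_pe(UPX_LAYOUT, 0x28B60)))
    print(packer_indicators(build_pe(PLAIN_LAYOUT, 0x1200)))
```

For a real file, read it with `open(path, "rb").read()` and pass the bytes to `packer_indicators`; a UPX image renamed to `.text`/`.data` still trips the empty-first-section and W+X entry checks.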
MITRE ATT&CK Enterprise v15

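The registry-level behaviours listed above (country-code lookup, Run key, BHO registration) as detection logic over registry events, with each hit mapped to an ATT&CK technique. This is an added example, not the sandbox's own signature code; the event format, the process paths, the CLSID and the events themselves are constructed for illustration, and the technique IDs (T1614 System Location Discovery, T1547.001 Registry Run Keys / Startup Folder, T1176 Browser Extensions) are my mapping since the report's ATT&CK section is empty in this extract.

```python
"""Classify constructed registry events against the report's behaviours (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class RegEvent:
    pid: int
    image: str                   # process that performed the operation
    op: str                      # "query_value" | "set_value" | "create_key"
    key: str                     # full key path, e.g. HKCU\Software\...\Run
    name: Optional[str] = None   # value name (set_value / query_value)
    data: Optional[str] = None   # value data (set_value)


@dataclass(frozen=True)
class Finding:
    behaviour: str
    technique: str
    pid: int
    image: str
    detail: str


GUID = r"(\{[0-9A-Fa-f-]{36}\})"
SW = r"\\Software\\(?:Wow6432Node\\)?"
RUN_KEY = re.compile(SW + r"Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)$", re.I)
BHO_KEY = re.compile(SW + r"Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\"
                     + GUID + r"$", re.I)
INPROC = re.compile(r"(?:" + SW + r"Classes(?:\\Wow6432Node)?|^HKCR)\\CLSID\\" + GUID
                    + r"\\InprocServer32$", re.I)
# per-user key holding the configured country/region (GEOID); read for geofencing
GEO_NATION = re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I)


def classify(events: List[RegEvent]) -> List[Finding]:
    # Pass 1: CLSID -> DLL path, so a BHO registration can name the module it loads
    # regardless of whether InprocServer32 was written before or after the BHO key.
    inproc = {}
    for e in events:
        m = INPROC.search(e.key)
        if m and e.op == "set_value" and e.name in (None, "", "(Default)") and e.data:
            inproc[m.group(1).upper()] = e.data

    findings: List[Finding] = []
    seen = set()

    def add(f: Finding) -> None:
        key = (f.behaviour, f.pid, f.detail)
        if key not in seen:          # create_key + set_value on one BHO key -> one finding
            seen.add(key)
            findings.append(f)

    for e in events:
        if e.op == "query_value" and GEO_NATION.search(e.key):
            add(Finding("Checks computer location settings", "T1614", e.pid, e.image,
                        f"reads {e.key}"))
        elif e.op == "set_value" and e.data and RUN_KEY.search(e.key):
            add(Finding("Adds Run key to start application", "T1547.001", e.pid, e.image,
                        f"{e.key}\\{e.name} = {e.data}"))
        else:
            m = BHO_KEY.search(e.key)
            if m and e.op in ("create_key", "set_value"):
                clsid = m.group(1).upper()
                add(Finding("Installs/modifies Browser Helper Object", "T1176", e.pid, e.image,
                            f"{clsid} -> {inproc.get(clsid, '<InprocServer32 not seen>')}"))
    return findings


# Constructed events (made-up paths and CLSID), in the order a dropper might emit them.
IMG = r"C:\Users\victim\AppData\Local\Temp\svc.exe"
CLSID = "{6B1C8E2A-0F3D-4C5B-9A7E-1D2F3A4B5C6D}"
SAMPLE_EVENTS = [
    RegEvent(1234, IMG, "query_value", r"HKCU\Control Panel\International\Geo\Nation", "Nation"),
    RegEvent(1234, IMG, "set_value", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "svc", IMG),
    RegEvent(1234, IMG, "set_value", r"HKLM\SOFTWARE\Classes\CLSID\%s\InprocServer32" % CLSID,
             "(Default)", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    RegEvent(1234, IMG, "create_key",
             r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\%s" % CLSID),
    # benign noise: the Run dialog's history lives under RunMRU, not under Run
    RegEvent(4321, r"C:\Windows\explorer.exe", "set_value",
             r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU", "a", "notepad"),
]

if __name__ == "__main__":
    for f in classify(SAMPLE_EVENTS):
        print(f"[{f.technique}] {f.behaviour}: pid {f.pid} {f.image} :: {f.detail}")
```

The two-pass structure matters for the BHO case: the InprocServer32 write and the Browser Helper Objects key creation are separate operations, and correlating them by CLSID is what turns "a BHO was registered" into "this dropped DLL will be loaded into the browser".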