General

  • Target

    PO.rar

  • Size

    1.3MB

  • Sample

    240213-2j8yraca94

  • MD5

    4f43ff958c583af81231fbe3719b1e82

  • SHA1

    8547a6e3a38e40adeeed3c5dfdc435e73565773c

  • SHA256

    7aa6b3052250238cee4cabbeba34b4a0e17bb9f1d7d6061ca86beaf587cd1716

  • SHA512

    10a0582e4ae5804b3fbb856bec89efed981b0238fa76f06b4eb220b8d467b98b793a424c033e34a59c49adf7bd4cedfbdb7709b6b5a89a486658fd6e267cac7f

  • SSDEEP

    24576:LeqxOLbpGdu0rPuZbeTWYzcYKTeOTH8ihKKCtK16Gc21O4cIBd:a6QbkdrPuh/aLK6i8ihKKArhGO4cIv
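Before opening a sample, a practitioner checks that the file in hand is the one the report describes. The following is an added example, not part of the original sandbox report: it computes the same four digests (MD5, SHA1, SHA256, SHA512) the report lists for both PO.rar and the dropped PO.exe, compares a candidate file against them, and names which target it is. The digest values are transcribed from this page; the byte strings in the self-test are constructed and are not the real sample. SSDEEP is omitted because it needs the external ssdeep library.

```python
"""Verify a candidate file against the hashes listed in the report above.

Added example, not the sandbox's own tooling. REPORT_HASHES is transcribed
from the report; the bytes used in the self-test are constructed stand-ins,
not the real PO.rar / PO.exe.
"""
import hashlib
import io
import sys
from typing import BinaryIO, Dict, Optional

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Indicators transcribed from the report: outer archive and dropped executable.
REPORT_HASHES: Dict[str, Dict[str, str]] = {
    "PO.rar": {
        "md5": "4f43ff958c583af81231fbe3719b1e82",
        "sha1": "8547a6e3a38e40adeeed3c5dfdc435e73565773c",
        "sha256": "7aa6b3052250238cee4cabbeba34b4a0e17bb9f1d7d6061ca86beaf587cd1716",
        "sha512": "10a0582e4ae5804b3fbb856bec89efed981b0238fa76f06b4eb220b8d467b98b"
                  "793a424c033e34a59c49adf7bd4cedfbdb7709b6b5a89a486658fd6e267cac7f",
    },
    "PO.exe": {
        "md5": "02ea4da53508bca6a9058ba26eafed6d",
        "sha1": "330ab27a265539f0deb80163960259ce822c89d7",
        "sha256": "581efff649d1fd05ae14cca7d6318e369736c1250695fb1cc6387373f7f966ea",
        "sha512": "9e2a513a89891050d7c6cea2bf59553746efc453bd835a9494614afa46d2ddc7"
                  "9117cc2aa161836b5aa720d3a2edcf39881735e42ddb8862159b191bfd5c9266",
    },
}


def digest_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute all four digests in a single pass over the stream.

    Reading in chunks keeps memory flat for multi-megabyte samples and means
    the same code path serves files on disk and in-memory buffers.
    """
    hashers = {name: hashlib.new(name) for name in ALGOS}
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (e.g. a member extracted from the archive)."""
    return digest_stream(io.BytesIO(data))


def match_indicators(digests: Dict[str, str],
                     indicators: Dict[str, Dict[str, str]] = REPORT_HASHES) -> Dict[str, Dict[str, bool]]:
    """Compare computed digests to every target in the report, per algorithm.

    The per-algorithm result is kept rather than collapsed to one boolean, so a
    partial match (only MD5 agreeing, for instance) is visible to the analyst
    instead of being silently reported as "no match".
    """
    return {
        target: {algo: digests.get(algo) == expected.lower() for algo, expected in hashes.items()}
        for target, hashes in indicators.items()
    }


def identify(data: bytes,
             indicators: Dict[str, Dict[str, str]] = REPORT_HASHES) -> Optional[str]:
    """Return the report target whose SHA256 matches the data, or None."""
    sha256 = hashlib.sha256(data).hexdigest()
    for target, hashes in indicators.items():
        if hashes["sha256"].lower() == sha256:
            return target
    return None


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-candidate-file>
    with open(sys.argv[1], "rb") as fh:
        computed = digest_stream(fh)
    for target, result in match_indicators(computed).items():
        matched = [algo for algo, ok in result.items() if ok]
        print(f"{target}: {'match on ' + ', '.join(matched) if matched else 'no match'}")
```

The SHA256 is used as the identity key because MD5 and SHA1 are collision-prone; the other digests are still compared so that a transcription error in one indicator shows up as a partial rather than a total mismatch.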

Malware Config

Targets

    • Target

      PO.exe

    • Size

      1.3MB

    • MD5

      02ea4da53508bca6a9058ba26eafed6d

    • SHA1

      330ab27a265539f0deb80163960259ce822c89d7

    • SHA256

      581efff649d1fd05ae14cca7d6318e369736c1250695fb1cc6387373f7f966ea

    • SHA512

      9e2a513a89891050d7c6cea2bf59553746efc453bd835a9494614afa46d2ddc79117cc2aa161836b5aa720d3a2edcf39881735e42ddb8862159b191bfd5c9266

    • SSDEEP

      24576:No2Dd9dZ2oTHLrycFaMH4ZdzhbdG5XB6+l2zoQqo/AxE+0S6G/8gzxRtsZvUdj:NoK3nvzLrUMedzhbdG6+lkSrE6HOK

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

      A DLL that the sample wrote to disk during execution is subsequently loaded.

    • Accesses Microsoft Outlook profiles

      Reads the registry locations where Outlook stores mail profiles; this is where stealers typically look for saved mail credentials.

    • Suspicious use of SetThreadContext

      Changing another thread's context is the usual way to redirect execution inside a suspended process (process hollowing and similar injection), so treat this as a process-injection indicator.
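The four signatures above are each a pattern over the sample's API activity. The following is an added example, not the sandbox's own signature engine: it runs equivalent detection logic over a constructed API trace in a simple `pid|api|argument` format. The registry paths (the Geo\Nation locale key, the Outlook profile keys) and the suspended-create / WriteProcessMemory / SetThreadContext / ResumeThread ordering are the typical indicators for these behaviours and are assumptions here; the report does not name the exact keys or call sequence it matched.

```python
"""Re-derive the report's behavioural signatures from an API trace.

Added example, not the sandbox's own detection code. TRACE is constructed;
the registry paths and the injection call sequence are typical indicators,
assumed here because the report does not state which ones it matched.
"""
import re
from collections import defaultdict
from typing import Dict, List, Optional, Set, Tuple

Event = Tuple[int, str, str]  # (pid, api, argument)

# Assumed locale keys a geofence check reads (HKCU\Control Panel\International\Geo, HKLM ...\Nls\Locale).
GEO_KEYS = re.compile(r"control panel\\international\\geo|control\\nls\\locale", re.I)
# Assumed Outlook profile locations (Office-version key and the MAPI Windows Messaging Subsystem key).
OUTLOOK_KEYS = re.compile(r"\\outlook\\profiles|windows messaging subsystem\\profiles", re.I)
FLAGS = re.compile(r"flags=(0x[0-9a-f]+)", re.I)
TARGET = re.compile(r"target_pid=(\d+)")
CREATE_SUSPENDED = 0x4
# Classic hollowing order: suspended child, write payload, redirect thread, resume.
HOLLOW_SEQUENCE = ("CreateProcessW", "WriteProcessMemory", "SetThreadContext", "ResumeThread")

# Constructed trace that reproduces all four report signatures.
TRACE = r"""
1000|CreateFileW|C:\Users\Public\helper.dll
1000|WriteFile|C:\Users\Public\helper.dll
1000|LoadLibraryW|C:\Users\Public\helper.dll
1000|RegQueryValueExW|HKCU\Control Panel\International\Geo\Nation
1000|RegOpenKeyExW|HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles
1000|CreateProcessW|C:\Windows\System32\svchost.exe flags=0x4 target_pid=2000
1000|WriteProcessMemory|target_pid=2000
1000|SetThreadContext|target_pid=2000
1000|ResumeThread|target_pid=2000
"""


def parse_trace(text: str) -> List[Event]:
    """Parse pid|api|argument lines; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, api, arg = line.split("|", 2)
        events.append((int(pid), api, arg))
    return events


def _target_pid(arg: str) -> Optional[int]:
    m = TARGET.search(arg)
    return int(m.group(1)) if m else None


def evaluate(events: List[Event]) -> Set[str]:
    """Return the set of report signature names the trace triggers."""
    hits: Set[str] = set()
    written: Set[str] = set()                      # files the sample itself created/wrote
    progress: Dict[int, int] = defaultdict(int)    # target pid -> position in HOLLOW_SEQUENCE
    for _pid, api, arg in events:
        if api in ("CreateFileW", "WriteFile"):
            written.add(arg.lower())
        elif api.startswith("LoadLibrary") and arg.lower().endswith(".dll") and arg.lower() in written:
            hits.add("Loads dropped DLL")
        elif api.startswith("RegQueryValueEx") and GEO_KEYS.search(arg):
            hits.add("Checks computer location settings")
        elif api.startswith("Reg") and OUTLOOK_KEYS.search(arg):
            hits.add("Accesses Microsoft Outlook profiles")

        tpid = _target_pid(arg)
        if tpid is None or api not in HOLLOW_SEQUENCE:
            continue
        if api == "CreateProcessW":
            m = FLAGS.search(arg)
            if not m or not int(m.group(1), 16) & CREATE_SUSPENDED:
                continue  # a normally started child is not the hollowing pattern
        if HOLLOW_SEQUENCE[progress[tpid]] == api:
            progress[tpid] += 1
            if progress[tpid] == len(HOLLOW_SEQUENCE):
                hits.add("Suspicious use of SetThreadContext")
    return hits


if __name__ == "__main__":
    for name in sorted(evaluate(parse_trace(TRACE))):
        print("•", name)
```

The injection check is deliberately stateful per target pid: a bare SetThreadContext call is noisy (debuggers and some installers use it), whereas the full suspended-create to resume ordering against one child is what an analyst would actually want flagged.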

MITRE ATT&CK Enterprise v15

Tasks