General

  • Target

    ce0667a7de13d6080756fa47e5cc5aedc8443391e0fb81bbb56cbd5aff2bb044.img

  • Size

    1.2MB

  • Sample

    240213-f1wh4agb27

  • MD5

    2e32d8967c7455819be17c873b6c4293

  • SHA1

    f10cabe80491bddeb086a9973083dc6d175e1a18

  • SHA256

    ce0667a7de13d6080756fa47e5cc5aedc8443391e0fb81bbb56cbd5aff2bb044

  • SHA512

    10117020ce3a63dfd85fa5bacec11bd3bd43298ddf38b06d79d16d866b867069a7a52fc5b2ce29ec4d72a4847dff91eaa7824c8bbf55053cef9716f4246e52ac

  • SSDEEP

    96:5aqdFzWTUbf91HhYD1X/MVvcfIRsocoC4f8f:oqdh60vSIRsxh4U

Score
8/10

Targets

    • Target

      182763543.vbs

    • Size

      2KB

    • MD5

      7c0c8effb1f083e681ab6562f1fcbbae

    • SHA1

      21009d0dddf185289df237dfa047d07e2634897e

    • SHA256

      4d69f1e4c6ed823a58167cf51eff8a139f5fb32f25c3c9aeb23c5c6162cd200f

    • SHA512

      0c177fa04e520527934857c552687873cab37bdb884f74244ef556d10d85345b3b68a309d0a8d111a73e8601bdfb04233d32662c69d0f8ac2c4c20068a1cb708

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application
