General

  • Target

    Scan_Zayavlenie_1416-02-24_13-02-2024.jpg.lnk

  • Size

    1.6MB

  • Sample

    240213-rrt5fsda69

  • MD5

    f31a21cf7cbe37cb8652627006cd3939

  • SHA1

    e394d7f7e79c9c07e20bd95680e77d7b30e0b0da

  • SHA256

    f0a48c7b67a532efab87e1c635f44b50982381e72710616a86f3d7313312aa86

  • SHA512

    f6c581b25c1a486984665212d8bd55c256c0e67ec3b485692c972c45dbadd7f5ea9ed7b377ce9c006f9ae206741d4ae858ada57f438e0dda39306a3731dcb65b

  • SSDEEP

    24:82/ByKnC+/lOXn0s7wX72Q57GgdUCH7Ay4Aarab/B4f:8KPn8n0scr2Q5viCEA4abBC

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

    hta.dropper

  • URLs

    http://91.92.248.36/Downloads/config.exe

Targets

    • Target

      Scan_Zayavlenie_1416-02-24_13-02-2024.jpg.lnk

    Score
    10/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Enterprise v15

Tasks