General

  • Target

    FREE_PoeSmoother_v3.23.0_1.7z

  • Size

    3.2MB

  • Sample

    240219-yytwlacc4w

  • MD5

    0d0d7ebb2015fc0f8bd39044c7f4f2c5

  • SHA1

    7e71167323135daf9ff61cb512c362602fabb072

  • SHA256

    78cba9c191b2dc98650ef52bd4827ea96f834d5d345ee9ae71127146328207be

  • SHA512

    887af897745bb03c238003b37cd75b6daa6397e11d291dfb72d6a4e65b10d7c51b50171e658cf1d01716a1f408f21d341315c63e3ae12c502a6ce43e2ee00991

  • SSDEEP

    49152:Xd8NyOB/rgUQeiDszQOMaYAnY+WsGTaFzNtN5PqLxBWLTldXrnwi3Lq/HTadGGaY:NxEru0Y+rvXiqb7wiHIaImKYDMnrT0

Score
7/10

Malware Config

Targets

    • Target

      FluentIcons.Common.dll

    • Size

      116KB

    • MD5

      f7d27af73d2bafcbe27607956fd0f398

    • SHA1

      f583f8bae81f282dd5a5d0d65f718314b7668f5b

    • SHA256

      e8f26a6c886c03103a8102eaa3dc1ccf2be829c0a359ba44b50228fc036f11ce

    • SHA512

      8279f0f8023f51cf654a6c32296835a2c73ce3e6274064cdad48262d9e4736f575fea141e58142b88b952a804be0a9a312465460197ce29e4ba4414c755eaf01

    • SSDEEP

      1536:zKpf036zYvtYyfuVicqNZBjmpyYAuesAUFZfHPcPSPIXkdIlCiFdzeCSjgJYqCy:zXoYFYyWVWLDrsmaPIXkSlPftnR

    Score
    1/10

    • Target

      FluentIcons.WPF.dll

    • Size

      1.3MB

    • MD5

      b38bbadf2bdd6cd99a27f7765b556922

    • SHA1

      090eb7424fdca50dbc523b742567ca4f13a53703

    • SHA256

      f3db6e7effc2df9464fb014f34fff90200cf0e1562b5ae3060caff5af90c61b1

    • SHA512

      3af6543ec32df9447f1be651204e623b2462a6b1682e157f98cfa01896a19fbce4f25f9d36359644e8801c8ecb1380d03a166871e64a3cdfc755f516239be7b9

    • SSDEEP

      24576:kadFF4OmgG8IS8UkKkikhkF6N1M3mRkP8c4RKYGvdWtu2qMB2Qa/pk5MkVE01Bdd:kQFBmxSnpuKYGvYtpI/jERgpOVVT33R7

    Score
    1/10

    • Target

      Wpf.Ui.dll

    • Size

      4.7MB

    • MD5

      2cd77d9a4a6ebf1276573273c8618f92

    • SHA1

      8d7eaf8c9c3c1e45d86648a135bb9d56671631cf

    • SHA256

      77f5ece2ec563bd7b4c2ec503e860eb4c8f7db224b1a9218b117fcc155483a52

    • SHA512

      5896bac0b7023ee0908ae12e6335b6e2bd046b637f753f1fa906b4c766fbc88f89681cbff0f77591b6c03913671268ac569e83c68d57008d6bb935bf7d8e42e7

    • SSDEEP

      98304:MRdtd/KGCvSmaRZ+nceNhD94j0AHDfyJrel:UdtMvNhD9

    Score
    1/10

    • Target

      fPoeSmoother.exe

    • Size

      1.8MB

    • MD5

      e7bc4056ca01c223875c40eab01cb9d1

    • SHA1

      72b08a05e49a61d43165d72cd7ab072b5b7a99fd

    • SHA256

      0c932b2c67c0b3a5816fab7b66f622367caa33eddf110a4d6317a906aa5a8bd3

    • SHA512

      9878802b7edc04b7cbb12b3ce0cea12f75a57edca3b5b35ac8528a421e376028517c691be6cd903d44c2342e258a42a501270880af9d09e9252ae51c9d0ff3ad

    • SSDEEP

      49152:ahQONPdzpDMjY91n+Zs4ZLJzODe4keLPq/VCi1QOoTdRus:xUN+ei0f2fVkdks

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

MITRE ATT&CK Enterprise v15

Tasks