Resubmissions

08/03/2024, 16:16

240308-tqsw4sbe75 3

23/02/2024, 11:52

240223-n16ytsfd9s 7

General

  • Target

    MinedMap-2.1.0-x86_64-pc-windows-msvc.zip

  • Size

    1.7MB

  • Sample

    240223-n16ytsfd9s

  • MD5

    e24eb0d6257c3508f9210203ab236403

  • SHA1

    265abcb9dba56dd9697c815563395c080cab26b1

  • SHA256

    d5d58010fb3e7e3b53e80704ddcedb0d874022be08a85d1481924c5eba3707f9

  • SHA512

    162721c807dcff3d0e08b0983b7bd99e99520ba999450fb9d61ea3e4e2597fb19c1fb6fea3e431dce0b9a2e45aea745a1c37f1c9811808360e547ac8c807bd14

  • SSDEEP

    24576:PixKrRSS6HRklCThv4/3krMclbSpVXXClcV2z8EqFbPK53Rr24Pf9WUW+928vNPF:PLFiHWlCt4nS+pV8OFbQzTWo2uPcE

Targets

    • Target

      MinedMap-2.1.0-x86_64-pc-windows-msvc/minedmap.exe

    • Size

      4.7MB

    • MD5

      963997762ee3160f90fd5a83424043b2

    • SHA1

      017b16df6564db36b1a9fd87480844ddd14625a0

    • SHA256

      ebec3939dbbf9211cefe04a5968ffd6a10ca761e492ebe4dc1a38104885d0ec3

    • SHA512

      ee596c7d180064f166bf23cc96219ba80e7b3acd5cee1ff7ab18703eba1f7cd7668883cd0a9d163aea46a2ca83257dd1e8d811bfda732f9f4f26b38d029f9bb7

    • SSDEEP

      98304:orMwk32p/yinT2fwm/AqwN2nBkdh+mGJhMtWgXia:Ok37wN/+mGbM

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
