Resubmissions

  • 23/02/2024, 13:06: 240223-qcaxlagh64, score 7
  • 23/02/2024, 12:51: 240223-p3xnlsgf64, score 7
  • 23/02/2024, 12:34: 240223-prvd4sgc56, score 8

General

  • Target: PollyMC-Windows-MinGW-w64-Setup-8.0.exe
  • Size: 36.6MB
  • Sample: 240223-p3xnlsgf64
  • MD5: 77f098ad333889de410f665e4f9a8702
  • SHA1: 6b8e8abe6a374f02a88058961f180818cfcf7670
  • SHA256: 1c04ed11ce29fcfc3186144f0f907b70296132eb3db89044463cb14b97eb87d0
  • SHA512: 711326a015e02dd4789023fbefeaedc769d0ef33668497c107cb3c512a2acc2fa312d3cd5011d3a510ccb87ce236bfe0fc1d4b253b332c2e6ecd9ff6e7c6af9c
  • SSDEEP: 786432:2KQbhz5LGoCjmcE/ppyp22HaxvPAXkFeOLV61DDKr0wlqDIgtQ:2FLCjmphS2iSvfJLQxKr0wlw2

Score: 7/10

Malware Config

Targets

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Executes dropped EXE
    • Loads dropped DLL
    • Modifies file permissions
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v15

Tasks