Resubmissions

  • 26-02-2024 07:34

    240226-jd6mbsgf3z (score 10)

  • 26-01-2024 04:29

    240126-e4cpqafcdp (score 10)

General

  • Target

    2024-01-26_6a801424860b7e86639254592bbc84b1_darkside

  • Size

    145KB

  • Sample

    240226-jd6mbsgf3z

  • MD5

    6a801424860b7e86639254592bbc84b1

  • SHA1

    6e5a6170260e06a00c90e975fe8c98489b7a0d03

  • SHA256

    6fcee00c908b40aac5a7e50007f485fc35ebfbdc2ae6a6d5e0a1f37636caca75

  • SHA512

    75740fd2f7094a1b9c55d84caf5ff620c888c3e13ce1ecb983c978e2f5dbaa07d4cae5d9cd5563f85e96cd027d11def5beb6fb6607b9dc219e67196fe0ebb92e

  • SSDEEP

    3072:k6glyuxE4GsUPnliByocWep/YiIp6tcPS:k6gDBGpvEByocWe9YGu6

Score
10/10

Malware Config

Targets

    • Target

      2024-01-26_6a801424860b7e86639254592bbc84b1_darkside

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks