General

  • Target

    Supermarket.Simulator.Update.Build.13549742.To.Build.13569906.rar

  • Size

    8.6MB

  • Sample

    240302-sx9yjaeh93

  • MD5

    8ca04fd3f3fcc843a837e88bf4a047da

  • SHA1

    b642d4ba209bed9ab76b03a87355c73d6d7e7ff8

  • SHA256

    bb45169ba0f421d0746ce09789fd4f7fbafc3eecc1e6bb962c79cb8727ce0719

  • SHA512

    2b1340ef4e4c6925c3d6a78e6cb66756dcf1e9508183aa4a0c146d0470acefe1b723569b2d69175df92790dc4b97a259ee512cc2ea6993a93a976160af8c8135

  • SSDEEP

    196608:aDDRr5RubWeT03ftQDu4NksFwh4zQMdFKj:UDkCeTjDZqhwjc

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
