General

  • Target

    ba829f9712d4e0f110c5328064c6015a

  • Size

    16KB

  • Sample

    240308-e2rqvsgb2v

  • MD5

    ba829f9712d4e0f110c5328064c6015a

  • SHA1

    d341415107426fa16b6a677bb858aedac9c34af7

  • SHA256

    65f35a51584aeca0f370fcdae6b8e0b0f5bde9567f107122a1768c534f7d4eac

  • SHA512

    c568154eafb98a0603ae9e076b592c3c92f454c9c0a4c7e54785e3d2203edf79ec8f85a9cac653e77458d685ea7419db13d53997452666e35d372e5bb5775ca2

  • SSDEEP

    384:Z6f8n07CxhZPx3O+b8LXjcuqeK/ATp+0BCi+/fK0:ZtImhBNO+bQQ/6pjBCiMfK0

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Adds Run key to start application
