ccadc29a1c68e7b047ed4b7a7f178f48cf776ae19ae69abf856779e66157da02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

vox_windows_x64.zip
Size

810KB
Sample

240310-j7klysgb38
MD5

91ec608ce98cec20aacae6df7ce7b4db
SHA1

a9cd95ace0e25dda4b51723c2cfdf662fbd27ca5
SHA256

ccadc29a1c68e7b047ed4b7a7f178f48cf776ae19ae69abf856779e66157da02
SHA512

30f80107bfa9e8458fe9552fa2fb3a1900f6cb426ecbee55d8e86ac3c68870ca1f6601c97ba2f0e64cebaaaf2d5c9aee2ad2dd2f32e10c20041258d3fb9401fb
SSDEEP

12288:VbCYstN1qZHAiLeuER1xn0S4hI2mCGgnIhoAkrDn0FksvmJ+dEyPFrgRrURJJSpW:9CFNOHTJE94ACGLM0CUmc2w6eDMc8mJj

Score

7^/10

Malware Config

Targets

- Target
  
  Roboto-Regular.ttf
- Size
  
  141KB
- MD5
  
  54a91b0619ccf9373d525109268219dc
- SHA1
  
  1d1d41fcadc571decb6444211b7993b99ce926e2
- SHA256
  
  b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
- SHA512
  
  7f79ff3b42a672371814f42814aa5646328b1a314691d30ce09ffdc7a322adcb1af66625274f7fac024ca2f22a42b625001735711c430faef6e077e1f1d24887
- SSDEEP
  
  3072:ENAluNu8V5ZftwYlLzEeNgHS2pOpdO4WqLpMaSZFKVet:ENAH8XZuadpZuFw+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  libwinpthread-1.dll
- Size
  
  314KB
- MD5
  
  19fd8dc161af7fafb7058efec10582da
- SHA1
  
  b66120aefa948337329cc55a5b8d067854d3e86a
- SHA256
  
  2d46ecc3a1fe6e487f4842a67c9912652314a9658e2beb821e92db5f0ff6387c
- SHA512
  
  fc2f9c25e5ae30d76685653a1f0d439edd704537c6e7db591a9c447f8bd20094840191de501bec3f162c28fd1ef241029fe5b48b9050426200dd7f06767fc0a5
- SSDEEP
  
  6144:Wc2Pm3YlmoUCjkYCQC5lWLm8wFblNPXY1dlAeNbXUM3922in:x2Pm3YgoF4YelaA0zBXUM3922w
Score

1^/10
behavioral3 behavioral4
- Target
  
  vox.exe
- Size
  
  1.2MB
- MD5
  
  adc18b198b4a1ba90ccf239f4f78ee8a
- SHA1
  
  354efad81c80db3b22e1761aa504310177c5cb52
- SHA256
  
  b6820847173e71a0f41c0533005fb807421cd91386944a7ddf193e3f04664f0f
- SHA512
  
  ebf92d0d008e33b8a6f9c25dccfd8c58a6ff828e06bbeea3f59833ce31db920ed718d45322b47fac73a588ebe180bae57f1f5a9e173e9adb9f0bce7a168aff7e
- SSDEEP
  
  24576:SORQazsorqjXHuq/4wBWdcOhdt+F8Mh3ipZ+m:/RPsorqj3u8BYVteF
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6