Resubmissions

12/03/2024, 14:32

240312-rwjvaada89 10

12/03/2024, 14:27

240312-rsqhnach88 10

General

  • Target

    g4.txt

  • Size

    731B

  • Sample

    240312-rsqhnach88

  • MD5

    f82736dcca9ccf1e8460707f48f51478

  • SHA1

    2210fe31ae5e82413301a8e91bce03cf1eb14246

  • SHA256

    e2228f06454d5c8033bb22ad4a81bbc3997e318bf34372a57232b51e8360f4d8

  • SHA512

    67c5be560f30f2299f91288215924fb96db32a73a2beab988f7cb38a721984ee0f8f986f43b2780c3574ad81ffbeb98b3d4112e9982f3e4ec2e80fde27014c5f

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (deobfuscated)

  • URLs (exe.dropper)

    http://104.243.44.136:777/moh.jpg

Extracted

  • Language

    ps1 (deobfuscated)

  • URLs (exe.dropper)

    https://nodejs.org/download/release/v6.17.1/win-x64/node.exe

Targets

    • Target

      g4.txt

    Score
    10/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
