c9695e22dbe0a55a35798686fde59ef0163bc102e17bceb2308c701fc4565dab | Triage

Sharing

General

Target

c8a24cba465729b83e9d599b7423bd0d
Size

73KB
Sample

240314-ptmr2sed46
MD5

c8a24cba465729b83e9d599b7423bd0d
SHA1

2c4193f3ea2c7139f763851d71e2bf492b2b4b35
SHA256

c9695e22dbe0a55a35798686fde59ef0163bc102e17bceb2308c701fc4565dab
SHA512

288a1b196ad31175f64adb34c9700b3cc4f4cfed3ef57407da507aeb2f40e66087ac872259ee7362ff32979313bbab277890da6b16e68ce003b515483249bfce
SSDEEP

1536:/rdbYATibOA9WOOQ9Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kI:/rZTC9N59Ry98guHVBqqg2bcruzUHmLC

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

- Target
  
  c8a24cba465729b83e9d599b7423bd0d
- Size
  
  73KB
- MD5
  
  c8a24cba465729b83e9d599b7423bd0d
- SHA1
  
  2c4193f3ea2c7139f763851d71e2bf492b2b4b35
- SHA256
  
  c9695e22dbe0a55a35798686fde59ef0163bc102e17bceb2308c701fc4565dab
- SHA512
  
  288a1b196ad31175f64adb34c9700b3cc4f4cfed3ef57407da507aeb2f40e66087ac872259ee7362ff32979313bbab277890da6b16e68ce003b515483249bfce
- SSDEEP
  
  1536:/rdbYATibOA9WOOQ9Ry98guHVBqqg2bcruayUHmLKeZaMU7GwbWBPwVGWl9SZ8kI:/rZTC9N59Ry98guHVBqqg2bcruzUHmLC
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2