General

  • Target

    db52bc3ab880c00b75589606502365ae

  • Size

    134KB

  • Sample

    240321-ltvwwagg38

  • MD5

    db52bc3ab880c00b75589606502365ae

  • SHA1

    d0dee84d6eec58add5c8cf93f64a325f08e3718c

  • SHA256

    3460d95ebe19e3f9bae957565b2dac07f5f249311857a62596a287d07b01892c

  • SHA512

    c6c2775311b6c810504f2afd0d082295faea977cf862d383dd6d3307f6118db1da4abb571b5c8183637122fa9541d593ec350387ca7d93c555f75ff8f5096c81

  • SSDEEP

    3072:IitKB47iPP2ppsiW4PitxJ00vU970/9J4LcpsAW5A1Bdvi7fR/:KG7imqBvU9P3Kzi7f1

Score
7/10

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
