General

  • Target

    df7022a137894b7bf6a10323cee99e69

  • Size

    3.2MB

  • Sample

    240326-sbfgsscf64

  • MD5

    df7022a137894b7bf6a10323cee99e69

  • SHA1

    246c1a5790c0249abbd20a1b234d6b1cc4a56338

  • SHA256

    eea7285f1d77894b0145e24f959176bef941860a4633d270ac03baac41ab6ff9

  • SHA512

    49d59185c717a32fef7f25a7bc03aa6dc3640b5e625c23081b63c3e26857746185fcb47c5844d4911e703eba482953ce3b5e1f42b06f7de079e7a45c5bbed91e

  • SSDEEP

    98304:9kjozJ9/im8XVBKl6t1buVfRhq+5tXzgCa/T:hzJpjS346t1bIfuq07

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
