General

  • Target

    4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7.zip

  • Size

    427KB

  • Sample

    240403-mbcs1sca5t

  • MD5

    ac6ede3b2dd26afd67098d45da192b60

  • SHA1

    b11fec4228a20ee88b4c7b09b9eec307a5ded012

  • SHA256

    0d68c224e052637eaf83d5cca57e86e85792dfc68e3fea4619cf78cab0c69614

  • SHA512

    2c646c99701cdd045c3f97cf7082270b4d611a5f3e0a21ccd22446758d0c6c017a9b58e69c19db15a221fa949c8c6411643b9e49266b03543ca17a5b3f287b43

  • SSDEEP

    12288:rE7nj8wBX3rgicONzZBX14WWjLW5jPPoSR:rEH8AXbgODUyFPgm

Score
7/10

Malware Config

Targets

    • Target

      4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7

    • Size

      768KB

    • MD5

      11cf5ca49a6c354eb005fb24bdf6b1f0

    • SHA1

      c37b9b9fea73c95de363e8746ff305f4b23f0c28

    • SHA256

      4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7

    • SHA512

      ac91cb1e00db5eab4dd2253f745703d95ea4fe086c4289da62088f40ea727e4b54205d230b4282d38df006c3aebb2522058e2737c90d426abf900368c9c6dbba

    • SSDEEP

      6144:jLPkIupKPUWqUzHwlyLqZucfo/4dQSP8AEcmqRYn/nCrK8cI1WaWQ0vOKO5DBHQp:3kXoDOUAuao/Kl9a9bQ+ZE1Qyu9

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence. Samples that do this commonly refuse to run, or behave differently, when the system locale does not match their target region, so a sandbox configured with a different locale may not show the full behaviour.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data from the user's profile directories, which can include saved credentials, cookies and autofill entries.

    • Suspicious use of SetThreadContext

      SetThreadContext is commonly used for process hollowing and thread hijacking: the instruction pointer of a suspended thread is redirected to injected code before the thread is resumed.
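Before acting on any of the behaviours above, an analyst should confirm that the files pulled from the sandbox are the ones the report describes. The following script is an added example and not part of the report or the sandbox's own tooling; the digest values are copied from the report, while the command-line usage, the function names and the rule that a value of the wrong length or a non-hex value counts as a mismatch are this example's own choices. It also checks the naming convention visible in the report, where the archive is named after the SHA-256 of the file inside it.

```python
import hashlib
import re
import sys
from pathlib import Path, PurePosixPath

# Digest values as listed in the report above; the downloaded files are
# checked against these.
REPORT = {
    "archive": {
        "name": "4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7.zip",
        "md5": "ac6ede3b2dd26afd67098d45da192b60",
        "sha1": "b11fec4228a20ee88b4c7b09b9eec307a5ded012",
        "sha256": "0d68c224e052637eaf83d5cca57e86e85792dfc68e3fea4619cf78cab0c69614",
        "sha512": "2c646c99701cdd045c3f97cf7082270b4d611a5f3e0a21ccd22446758d0c6c017a9b58e69c19db15a221fa949c8c6411643b9e49266b03543ca17a5b3f287b43",
    },
    "sample": {
        "md5": "11cf5ca49a6c354eb005fb24bdf6b1f0",
        "sha1": "c37b9b9fea73c95de363e8746ff305f4b23f0c28",
        "sha256": "4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7",
        "sha512": "ac91cb1e00db5eab4dd2253f745703d95ea4fe086c4289da62088f40ea727e4b54205d230b4282d38df006c3aebb2522058e2737c90d426abf900368c9c6dbba",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def normalize_hash(value: str) -> str:
    """Lower-case and strip a pasted hex digest; reject anything that is not hex."""
    v = value.strip().lower()
    if not re.fullmatch(r"[0-9a-f]+", v):
        raise ValueError(f"not a hex digest: {value!r}")
    return v


def digests(data: bytes) -> dict:
    """Compute all four digests of an in-memory blob in a single pass over the data."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(data: bytes, expected: dict) -> list:
    """Return the names of the algorithms whose expected digest does not match data.

    Only algorithms present in `expected` are checked. A value that is not hex,
    or has the wrong length for its algorithm, is reported as a mismatch rather
    than raising, so a mistyped or truncated hash surfaces as a failed check.
    """
    actual = digests(data)
    mismatches = []
    for name in ALGORITHMS:
        if name not in expected:
            continue
        try:
            want = normalize_hash(expected[name])
        except ValueError:
            mismatches.append(name)
            continue
        if len(want) != HEX_LEN[name] or want != actual[name]:
            mismatches.append(name)
    return mismatches


def archive_name_matches_sample(archive_name: str, sample_sha256: str) -> bool:
    """Check the convention seen in the report: the archive is named <sha256 of inner file>.zip."""
    stem = PurePosixPath(archive_name).stem
    try:
        return normalize_hash(stem) == normalize_hash(sample_sha256)
    except ValueError:
        return False


if __name__ == "__main__":
    # Assumed usage (this example's own): python verify_sample.py <archive.zip> <extracted sample>
    archive_path, sample_path = sys.argv[1], sys.argv[2]
    result = {
        "archive_mismatches": verify(Path(archive_path).read_bytes(), REPORT["archive"]),
        "sample_mismatches": verify(Path(sample_path).read_bytes(), REPORT["sample"]),
        "archive_named_after_sample": archive_name_matches_sample(
            REPORT["archive"]["name"], REPORT["sample"]["sha256"]
        ),
    }
    print(result)
```

An empty mismatch list for both files means the artefacts on disk are the ones the report was generated from; any non-empty list means the analysis below does not necessarily apply to what you have.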

MITRE ATT&CK Enterprise v15

Tasks