General
-
Target
84297536d9873d971dcc783ae2f95af8cbf32c65fccf3c8687af2ba5294b7f30.lnk
-
Size
148KB
-
Sample
240517-b3bt9abf55
-
MD5
d39a73de9f109e3dba408e9481998206
-
SHA1
30651dada81443db0fde9c3a336955d27b6d9024
-
SHA256
84297536d9873d971dcc783ae2f95af8cbf32c65fccf3c8687af2ba5294b7f30
-
SHA512
09c8954ecabbeb36aeb8804858168eb1448f5894c1641a1ba5311f2b33aaeb24814734d0b1f7e777f22910c53bb9df500801907a603d8d71fba139705f444d61
-
SSDEEP
24:8WEe6Dz358m+pyAWkr+/4x+sPxZvBG0qdd79ds/Z6U/ab9Q9qFBm:8WENDzKvZbnvBG7dJ9A6U/a5QW
Malware Config
Extracted
https://invoiceinformations.com/InvoiceInfo/Evernote-Invoice
Extracted
https://invoiceinformations.com/InvoiceInfo/Evernote-Invoice
Targets
-
-
Target
84297536d9873d971dcc783ae2f95af8cbf32c65fccf3c8687af2ba5294b7f30.lnk
-
Size
148KB
-
MD5
d39a73de9f109e3dba408e9481998206
-
SHA1
30651dada81443db0fde9c3a336955d27b6d9024
-
SHA256
84297536d9873d971dcc783ae2f95af8cbf32c65fccf3c8687af2ba5294b7f30
-
SHA512
09c8954ecabbeb36aeb8804858168eb1448f5894c1641a1ba5311f2b33aaeb24814734d0b1f7e777f22910c53bb9df500801907a603d8d71fba139705f444d61
-
SSDEEP
24:8WEe6Dz358m+pyAWkr+/4x+sPxZvBG0qdd79ds/Z6U/ab9Q9qFBm:8WENDzKvZbnvBG7dJ9A6U/a5QW
Score10/10-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-