General

  • Target

    22-05-2024_pKihY9plZHttTVH.zip

  • Size

    11.2MB

  • Sample

    240522-gdg8madh4v

  • MD5

    abf5bab880ae3a92ca9626cff24df97a

  • SHA1

    36a0173d0eae1667b944a793efeeaeee4f6a5515

  • SHA256

    df5ba84155f8a99703f95509097a8d290d017702263436a429b9d3f6fd4ac8c1

  • SHA512

    a6e7f8c991074640c8e7537d733dcb97f4f03d2ad8c9870dfa15a61d5d9b9b8c78d71474eecf5b773fbf0c5a41d9d0906a50cb6c93e22f5ff9940079d4a86137

  • SSDEEP

    196608:6OlbN7LcyE6Ds3PvgvBIZsqL5mJ5/toSAHTDCr5ytmQsimG5TBfaZ5wJPkmt4coV:Np74yEeGnc+Zsw+2HTmyci1TBfabqgmu

Malware Config

Targets

    • Target

      CollapseLoader_1.2.4_CHEATER.FUN/CHEATER.FUN.url

    • Size

      46B

    • MD5

      ff08f90a8c84c9a07e3a9f99225852a2

    • SHA1

      bef8efaac1e01dafd8951f7ceca3adcc2152eab2

    • SHA256

      016e97e28f1b9dc53eec83bff19b249682dbc695f40840261c1f0f42b08f3c32

    • SHA512

      475bc83262577b2adc705150555af298fe60f85468d0b210202c43a6b1f7ccf7aed3c7a0aaa154caf12e655035ad94ea17ed00eae05aed948e312d8289c30144

    • Score

      6/10

    • Target

      CollapseLoader_1.2.4_CHEATER.FUN/CollapseLoader_8dd66eb.exe

    • Size

      11.4MB

    • MD5

      90a7f4bf08814e1aa84505a1d8f0be18

    • SHA1

      e2999b9afaf935b84ccdafa15977dc343946bb3a

    • SHA256

      6478bae99b72255a7456c49fae6d7ec6763e0a59ba0538e03505fe70c5d4156b

    • SHA512

      dafd5243350e9731583449c03f3ce185d353db5921d66098838df9b8c5ebaac4a4ca10a035bf12523bc3f1bf357934d9b19f4263d4d524b1078b71edab5dacba

    • SSDEEP

      196608:2nxgeofXnxurErvI9pWjl1D1DEzx7sKbSE+cFAkj0WllG9o3nv1IbuNfvcnELKId:ljfBurEUWjP5EhyMIsv5VcYZd

    • Score

      7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
