General

  • Target

    66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36

  • Size

    12KB

  • Sample

    240523-ac622aeb2v

  • MD5

    6800bdb8e0bfd0d57762b346fdf5c03e

  • SHA1

    9835f0143f70fc3afe57338da5996d9717d10cd9

  • SHA256

    66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36

  • SHA512

    ef4f8958b4e9e5dd3cce884e37de60e7f4765b7801fe114a7a378ccf4deaaba251eff10ff4e7cfb6cae93e89082c8ea6eaf4c998cb9f8b0b2bfb814bb5f93827

  • SSDEEP

    192:3L29RBzDzeobchBj8JON1ON8ruvrEPEjr7Aha:b29jnbcvYJOSyuvvr7Ca

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
