General

  • Target

    95eaf567046e52488fff8b37531afc7a5b4f391bd66ac46a456e7a4cff715198

  • Size

    12KB

  • Sample

    240523-bnktlsgb7v

  • MD5

    fe908cfe97274ea66ed2a5b05d3ec0f4

  • SHA1

    7a04aeb78f065ffae68e69164a09e33ab340a058

  • SHA256

    95eaf567046e52488fff8b37531afc7a5b4f391bd66ac46a456e7a4cff715198

  • SHA512

    aacfb3204da6387e2b0c5d5982fa9881b8aa1257bd450490decce0c79ad60c093b551795baf8e19d9193228ed3037ec71b957ec8ed4a2b171de3144b875991fb

  • SSDEEP

    192:/L29RBzDzeobchBj8JONkON5RoruKrEPEjr7AhH:T29jnbcvYJONCuKvr7CH

Score
10/10

Malware Config

Targets

    • Target

      95eaf567046e52488fff8b37531afc7a5b4f391bd66ac46a456e7a4cff715198

    • Size

      12KB

    • MD5

      fe908cfe97274ea66ed2a5b05d3ec0f4

    • SHA1

      7a04aeb78f065ffae68e69164a09e33ab340a058

    • SHA256

      95eaf567046e52488fff8b37531afc7a5b4f391bd66ac46a456e7a4cff715198

    • SHA512

      aacfb3204da6387e2b0c5d5982fa9881b8aa1257bd450490decce0c79ad60c093b551795baf8e19d9193228ed3037ec71b957ec8ed4a2b171de3144b875991fb

    • SSDEEP

      192:/L29RBzDzeobchBj8JONkON5RoruKrEPEjr7AhH:T29jnbcvYJONCuKvr7CH

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks