General

  • Target

    ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361.exe

  • Size

    3.3MB

  • Sample

    240610-fbrtlscb8z

  • MD5

    17d98b424680c9936bf9d6499176ff0f

  • SHA1

    4269825eed0f659ca8ad112e87350f737ee9e763

  • SHA256

    ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361

  • SHA512

    62e0909f893db0401ccf92c8e0b6644c4beabc67fd193e61ffcea2091ae00b233551996c7aef53b68915bb9ba3a0564b7f38e39004b203c494c7703865f2c15e

  • SSDEEP

    98304:yd8kA91J8veiW1dfkE716Hb+Lm9yWN9+J:dkA9r87WrkS16HiLUX+J

Score
9/10

Targets

    • Detects executables packed with unregistered version of .NET Reactor

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
