General

  • Target

    index.exe

  • Size

    36.0MB

  • Sample

    240612-fw8yma1hlf

  • MD5

    fbfdab69afe3bfbb711bca4a493e99d9

  • SHA1

    ddeda2c25f67a8f414bdf2e95081a6756c590057

  • SHA256

    762071352159342f4996540b857395a7d7f5e49b4af62bdde266ba3f9fba07b3

  • SHA512

    65beb2afc1edfbfa5adf6ef282d6aeb00499add1181d418ad92035678b74b73b8ad9fcc135eec267705852c56e5b5c6083f24f3fcbb44f84ed5971b4d3abe776

  • SSDEEP

    393216:f1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfH:fMguj8Q4VfvAqFTrYB

Score
7/10

Targets

    • Target

      index.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Legitimate hosting services abused for malware hosting/C2
