General

  • Target

    netlimiter-5.3.14.0.exe

  • Size

    10.3MB

  • Sample

    240612-j9danawalf

  • MD5

    d7236661463ab9e967eb8612d795fece

  • SHA1

    53de81ddc66ee2fbc7519a55de370bc1e9442cbe

  • SHA256

    f41253001076fdd8b8fb578cf485ee4d280139ecac0913093fb8117841c903ec

  • SHA512

    15d812dace9753ae1c90dd5b4f0947da8125a264081b208831a28f5c3a60174b27a3ede2a1aae8cc282caf828250319e8ac8fd0f44ab0f34c308883633d49426

  • SSDEEP

    196608:J5gk9KH9qXYkFD9nJ5Ove0BbZOqCPVV1Ur2ukAIe2y13NW:ceKdV6IBBkjFAIe1HW

Score
8/10

Targets

    • Target

      netlimiter-5.3.14.0.exe

    Score
    8/10
    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
