Resubmissions

12/06/2024, 16:28

240612-tyx6ssvgpj 7

12/06/2024, 16:26

240612-txs6fs1fpf 7

General

  • Target

    Aslains_WoT_Modpack_Installer_v.1.25.0.0_06.exe

  • Size

    86.6MB

  • Sample

    240612-tyx6ssvgpj

  • MD5

    ed9ab4e0ed962f99932b6e7f8faf47e2

  • SHA1

    1e807734a870532f614bda76e10404dede8b5be0

  • SHA256

    298ea38b10a5183d5a9a7cabddcd96eafdab85373c1b5d75ca62aafb409f4153

  • SHA512

    5c53ae90e6e3b81bf3a1260df5d424e7714bbc6f67c428b975b53a4eb0c526c6047d903f7a94ac2b410427959f7d5a62fb7840bcbce2131566b5a61d1581dc21

  • SSDEEP

    1572864:Y0VW+AaqS/2icSqXnuc0fMikG6RBJ5ZQealtaSIJFghg:rRqS/2iy/iJwQeaXavwhg

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
