Resubmissions (date, analysis ID, score)

17-06-2024 15:23  240617-ssg2ysvekg  1
14-06-2024 14:59  240614-scwkeavhlh  1
14-06-2024 14:57  240614-sbp18svgqf  10
14-06-2024 14:38  240614-rz3rkaydmj  10
14-06-2024 14:35  240614-ryblpaycpl  8
14-06-2024 14:33  240614-rwzkqsyckk  1
12-06-2024 15:02  240612-sem12stapl  4

Scores differ between runs of the same target; the details below are from run 240614-sbp18svgqf (10/10).

General

  • Target

    Run desktop apps online.html

  • Size

    704KB

  • Sample

    240614-sbp18svgqf

  • MD5

    635f65de088d30a34365421858161354

  • SHA1

    c974e333c2851cc4e54132f0d5f4b133e1d2f468

  • SHA256

    e04bdafc01429711c069136a2caa54cf8b20d2cee700e576569de57f09a2f3c6

  • SHA512

    1d5dcfe9478960a6ac174c1b9d0c304f4f6dfbb725aaa94e737fc5155db061881c4c887d82cf8c327f32edd53af943b38dcb251e4eaac964b535a338b01656ef

  • SSDEEP

    6144:BwG+iY07vK2VAB671FszYJT1oj8lEKHZ98eROPx0yFTpM3vn0VuFs16DFktUAY5C:BwG+iY0ZR8OyFTIu7oGt
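Before relying on the figures above, confirm that the file you hold is the sample that was analysed. The following is an added example (not part of the sandbox report and not the sandbox vendor's tooling) that computes the four cryptographic digests in one pass over the file and diffs them against the values listed under General. The REPORTED dictionary is copied from this page; the function names and the command-line usage are assumptions of this example.

```python
import hashlib
import io
import sys

# Digests reported above for sample 240614-sbp18svgqf ("Run desktop apps online.html").
REPORTED = {
    "md5": "635f65de088d30a34365421858161354",
    "sha1": "c974e333c2851cc4e54132f0d5f4b133e1d2f468",
    "sha256": "e04bdafc01429711c069136a2caa54cf8b20d2cee700e576569de57f09a2f3c6",
    "sha512": "1d5dcfe9478960a6ac174c1b9d0c304f4f6dfbb725aaa94e737fc5155db061881c4c887d82cf8c327f32edd53af943b38dcb251e4eaac964b535a338b01656ef",
}


def digest_stream(fh, algorithms=("md5", "sha1", "sha256", "sha512"), chunk=1 << 20):
    """Read the stream once, feeding every requested hash object, and
    return {algorithm: hex digest}. Reading in fixed chunks keeps memory
    flat for large samples."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for block in iter(lambda: fh.read(chunk), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data, **kw):
    """Convenience wrapper for in-memory data (used by the self-test)."""
    return digest_stream(io.BytesIO(data), **kw)


def digest_file(path, **kw):
    with open(path, "rb") as fh:
        return digest_stream(fh, **kw)


def compare_to_report(computed, reported=REPORTED):
    """Return {algorithm: (computed, reported)} for every digest that
    disagrees with the report. An empty dict means every listed digest
    matches, i.e. the local file is byte-for-byte the analysed sample.
    Algorithms the report lists but the caller did not compute show up
    with computed=None so they are not silently skipped."""
    mismatches = {}
    for name, expected in reported.items():
        got = computed.get(name)
        if got is None or got.lower() != expected.lower():
            mismatches[name] = (got, expected.lower())
    return mismatches


if __name__ == "__main__":
    # Usage (assumed): python verify_sample.py <path-to-local-copy>
    diff = compare_to_report(digest_file(sys.argv[1]))
    if not diff:
        print("all digests match the report")
    for name, (got, want) in diff.items():
        print(f"{name}: local {got} != reported {want}")
    sys.exit(1 if diff else 0)
```

The fuzzy SSDEEP hash on the page is deliberately left out: it needs the non-standard `ssdeep` extension, and a fuzzy match is only a similarity score, whereas a single exact cryptographic match already proves identity. Compare all four exact digests anyway; a report field copied by hand is wrong more often than a hash collision.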

Score
10/10

Malware Config

Targets

    • Target

      Run desktop apps online.html (size and hashes as listed under General above)

    Score
    10/10

    • Modifies security service

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Executes dropped EXE

MITRE ATT&CK Matrix (ATT&CK v13; the number is the count of matching signatures)

Persistence
  Create or Modify System Process (T1543)  1
    Windows Service (T1543.003)  1

Privilege Escalation
  Create or Modify System Process (T1543)  1
    Windows Service (T1543.003)  1

Defense Evasion
  Modify Registry (T1112)  1

Discovery
  Query Registry (T1012)  3
  System Information Discovery (T1082)  4
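The signatures listed under Targets and the ATT&CK cells above are what the sandbox derived from the sample's runtime trace. As an added example (not the sandbox's own signature logic, and not built from this sample's actual trace, which the page does not show), the script below shows how such behaviours are recognised from API-trace events and mapped to the technique IDs on this page. The registry locations (Control Panel\International\Geo\Nation for the configured country, SYSTEM\CurrentControlSet\Services\<name> for service configuration), the list of security service names, the event shape and SAMPLE_TRACE are all constructed assumptions of this example.

```python
import re

# Constructed API-trace events in the shape a sandbox typically emits.
# These lines are made up for illustration; they are not the report's trace.
SAMPLE_TRACE = [
    {"api": "RegQueryValueExW",
     "key": r"HKEY_CURRENT_USER\Control Panel\International\Geo", "value": "Nation"},
    {"api": "RegQueryValueExW",
     "key": r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName",
     "value": "ComputerName"},
    {"api": "RegSetValueExW",
     "key": r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend",
     "value": "Start", "data": 4},
    {"api": "NtWriteFile", "path": r"C:\Users\Public\update.exe", "data": b"MZ\x90\x00"},
    {"api": "CreateProcessW", "path": r"C:\Users\Public\update.exe"},
]

# Assumed locations of the configured country/locale in the registry.
GEO_KEYS = re.compile(r"\\Control Panel\\International(\\Geo)?$", re.IGNORECASE)
GEO_VALUES = {"nation", "scountry", "locale", "localename"}

# Assumed key used for computer-name discovery.
COMPUTERNAME_KEY = re.compile(r"\\Control\\ComputerName\\", re.IGNORECASE)

# Service configuration lives under Services\<name>; these value names change
# how/whether the service starts (assumed set).
SERVICES_ROOT = re.compile(r"\\SYSTEM\\CurrentControlSet\\Services\\([^\\]+)", re.IGNORECASE)
SERVICE_CONFIG_VALUES = {"start", "imagepath", "servicedll", "type"}
# Assumed list of Windows security-related services (Defender, Security
# Center, Defender for Endpoint sensor, firewall, network inspection).
SECURITY_SERVICES = {"windefend", "wscsvc", "sense", "mpssvc", "wdnissvc", "securityhealthservice"}


def classify(trace):
    """Return {behaviour: [technique IDs]} for the behaviours seen in the trace.
    Behaviours the report lists without an ATT&CK cell map to an empty list.
    Events are processed in order so that 'executes dropped EXE' only fires
    for a binary that was written earlier in the same trace."""
    findings = {}
    dropped = set()  # lower-cased paths written with an MZ header
    for ev in trace:
        api = ev["api"]
        if api.startswith("RegQueryValueEx"):
            key, value = ev["key"], ev["value"].lower()
            if GEO_KEYS.search(key) and value in GEO_VALUES:
                findings["Checks computer location settings"] = ["T1012"]
            elif COMPUTERNAME_KEY.search(key):
                findings["Queries computer name"] = ["T1082"]
        elif api.startswith("RegSetValueEx"):
            m = SERVICES_ROOT.search(ev["key"])
            if m and ev["value"].lower() in SERVICE_CONFIG_VALUES:
                findings["Modifies Windows service configuration"] = ["T1543.003", "T1112"]
                if m.group(1).lower() in SECURITY_SERVICES:
                    findings["Modifies security service"] = ["T1543.003", "T1112"]
        elif api == "NtWriteFile" and ev.get("data", b"")[:2] == b"MZ":
            dropped.add(ev["path"].lower())
            findings["Writes MZ/PE file to disk"] = []
        elif api == "CreateProcessW" and ev["path"].lower() in dropped:
            findings["Executes dropped EXE"] = []
    return findings


if __name__ == "__main__":
    for behaviour, techniques in classify(SAMPLE_TRACE).items():
        print(f"{behaviour}: {', '.join(techniques) or 'no ATT&CK cell on this report'}")
```

Two design points carry over to real detection content. First, the geofence check is only a read (T1012), so it never shows up in write-oriented telemetry such as Sysmon registry events; you need an API trace or ETW registry-read provider to see it. Second, "modifies security service" is a stricter subset of "modifies a service": the same Start=4 write is benign for a third-party updater service and hostile for WinDefend, so keep the service-name allow/deny list separate from the generic rule.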

Tasks