Resubmissions

19-06-2024 02:56

240619-de4w8ssenf 10

19-06-2024 02:46

240619-c9g6aasdnh 10

19-06-2024 02:42

240619-c69fcssdlh 3

General

  • Target

    1.2.6.0.zip

  • Size

    18.3MB

  • Sample

    240619-de4w8ssenf

  • MD5

    7832f20352027c56624f7ee3de650179

  • SHA1

    2d6e888acf08a3c274f4baafde6ae9119eb7f786

  • SHA256

    394367fbf7fcaed9fce1ed15d17329b644538e5e1b7f5fa7b3ff55ca2d6ce658

  • SHA512

    219d226e7c1d17420741dd6d1f519857e344b953f0a51f474646b3ce5efc6e7f1ef224aa67f9f0be8a7d9c3fbb98265d5c743b2ba9c13383d2ef60250857f6a9

  • SSDEEP

    393216:DgbdmZZ0Jwuppkm/mC5DcaEbKVbDV5Hr+xphLg4H7OnaSBY8USJ1vBn86a9kWtw:sbY0hpk+jNcYBjHr+JLgwyaSBNH3vRXV

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    94.156.8.173
  • Port:
    21
  • Username:
    anonymous
  • Password:
    anonymous@

Targets

    • Target

      1.2.6.0/1.2.6.0.lnk

    • Size

      1KB

    • MD5

      ed1743440a109e87c91b9702c80303aa

    • SHA1

      d0214b75e865b7375ad60753165823738f14a674

    • SHA256

      bc267a377de2a1c28b9e484188153b1593b10f6d1b9e27e7a10532dbdfb8feeb

    • SHA512

      a965901436aea141d3246b90728ceffd6721d1f58f24bc6b69b0e44c0a656e17867aeb3cd42f52a78c32137c14db4e64c67646fcfbfd639a5aafee469c392dfc

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
