Overview

overview

8

Static

static

1

3f24919268...09.lnk

windows7-x64

8

3f24919268...09.lnk

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    3f2491926888db2c9d6c7b1a426ff41e1cd4a13bc922156a814b9fe3032ff809.lnk

  • Size

    2KB

  • Sample

    240727-m3zf4awcrj

  • MD5

    a38b0a4d0768ba8ce7c73904b55ee9ff

  • SHA1

    a1a13ef45fcf88eaff3dcffba1fb2608aa07e3c8

  • SHA256

    3f2491926888db2c9d6c7b1a426ff41e1cd4a13bc922156a814b9fe3032ff809

  • SHA512

    4159cd37110d910624b8bb5c837e70668b3e6d795e1ab276ea32f5ab315509dedf11bd865d4c1be41f9cec698235453996939a0ac8a45f36a28a45bdf28b7cf8

Score
8/10
execution

Malware Config

Targets

    • Target

      3f2491926888db2c9d6c7b1a426ff41e1cd4a13bc922156a814b9fe3032ff809.lnk

    • Size

      2KB

    • MD5

      a38b0a4d0768ba8ce7c73904b55ee9ff

    • SHA1

      a1a13ef45fcf88eaff3dcffba1fb2608aa07e3c8

    • SHA256

      3f2491926888db2c9d6c7b1a426ff41e1cd4a13bc922156a814b9fe3032ff809

    • SHA512

      4159cd37110d910624b8bb5c837e70668b3e6d795e1ab276ea32f5ab315509dedf11bd865d4c1be41f9cec698235453996939a0ac8a45f36a28a45bdf28b7cf8

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks