General
-
Target
.
-
Size
16KB
-
Sample
240803-c7jakavglb
-
MD5
92ed46eb0d6ac99f50cdc219bf0e5a94
-
SHA1
7100c1b2a67a4f89272cd4d846ffa5fa0bda43a2
-
SHA256
90e8cc6bfe8f7240feacc059cca45a2eea58df19d956136d2468759cf4c75622
-
SHA512
0710ae450d6689b5cbc09806da884c550144c1be99ccfcf60876827f3ec3503c2372f468e36baf1c2a2ad61e780b54521a062d3e787fa30c21baa2b53bfe990b
-
SSDEEP
192:IJMUOjnv1xDSJI+JXJIJTJLJWlsZ6sfH516xLs9Iqo3C2drnX6CQeTnlz7G2Yzgc:IJdOzvhZvVoBrX607ZGNghYzYp0OU
Malware Config
Targets
-
-
Target
.
-
Size
16KB
-
MD5
92ed46eb0d6ac99f50cdc219bf0e5a94
-
SHA1
7100c1b2a67a4f89272cd4d846ffa5fa0bda43a2
-
SHA256
90e8cc6bfe8f7240feacc059cca45a2eea58df19d956136d2468759cf4c75622
-
SHA512
0710ae450d6689b5cbc09806da884c550144c1be99ccfcf60876827f3ec3503c2372f468e36baf1c2a2ad61e780b54521a062d3e787fa30c21baa2b53bfe990b
-
SSDEEP
192:IJMUOjnv1xDSJI+JXJIJTJLJWlsZ6sfH516xLs9Iqo3C2drnX6CQeTnlz7G2Yzgc:IJdOzvhZvVoBrX607ZGNghYzYp0OU
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Network Service Discovery
Attempt to gather information on host's network.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Discovery
Browser Information Discovery
1Network Service Discovery
1Peripheral Device Discovery
2Query Registry
4Software Discovery
1Security Software Discovery
1System Information Discovery
5System Location Discovery
1System Language Discovery
1