General

  • Target

    07082024_0917_06082024_Pago.08.06.2024.rar

  • Size

    1KB

  • Sample

    240807-k9bbqsweqp

  • MD5

    08124c5b0f219b5c0c5ccf4436262e56

  • SHA1

    c8797e1366195e7b7ff66543a3c73c672c730599

  • SHA256

    d9087102e25a7a8e8c44126948e8a2a6cc1e770e2da9a7f281a7a0dc6f3b18d5

  • SHA512

    ce0e3f131f28f771ca71d1e324dbc352b74c7cf2d55e4f873626751f8795f68f3affb87a06338cac2ceb89e53381526a204acf1ae8fa4bdc11c9f087f7bdcc4f

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper

    http://www.requimacofradian.site/dfjbhskdbfvsdsfgsh/slbrgkshbrshkhrfgsbrgkwrebysubrybsurbgarag/hsbidfhbgysdhgdsfhbgsnldjgnbjlsghf/dthsgs.exe

Targets

    • Target

      Pago.08.06.2024/PAGO.08.06.2024.lnk.lnk

    • Size

      2KB

    • MD5

      2749db3c6137622987d1a124be784379

    • SHA1

      5f8dbf0c9c772fc2e22497588a108c81589feeda

    • SHA256

      ff729a62292bcada3eb6fca5f5f2d69e47806def1af454357498d6b5ec1c4982

    • SHA512

      14f574c6b9406f2533c9be8d316613f2d4acf381fd4840cb29a4bcf5fbb202c1cb3793dc3aa2ac2c41b20ada5f4289c28288f175fcf9f5bdc1c141b07235a806

    Score
    10/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks