Resubmissions

  • 07-08-2024 21:06: 240807-zxvl6sxfkf 10
  • 06-08-2024 20:12: 240806-yzbfmssgqc 10
  • 06-08-2024 19:51: 240806-yk45eaydrn 10

General

  • Target: BrowserUpdater.vhd
  • Size: 6.0MB
  • Sample: 240807-zxvl6sxfkf
  • MD5: 5714c27e55d82b9ff9d92c04eee9570e
  • SHA1: 78484dac3651e19d92bbd717769c696cae5da1ba
  • SHA256: 1e3c17c2b74ad7d0e3f646ec9fe2a5bb6bd9a2f5a2cf02c02fc4b5d432dede69
  • SHA512: a63f236285d98375b904dddc1fa4db4ccbd7988b00f19690127bd93cbe7f759ed7fe80b0b4d1d1e4d86384c5f8496e7b80e9dc1e75692c68e3b7f7834a472189
  • SSDEEP: 96:fYgvmJUX3S7OkUX3S7OdyHywJOSk58/AQcsgffVxfA2NrXl:fFvuUnS7vUnS7GyHfJOSk5aAQlglJ

Score: 10/10

Malware Config

Extracted

  • Language: hta
  • Source: URLs
  • hta.dropper: https://redr.me/g3boil/
Targets

  • Target: BrowserUpdater.lnk
  • Size: 2KB
  • MD5: 7ed0b7e22f568d2eedaf956ba831d0a6
  • SHA1: c073465e6ca109f2069f2e26f28525e66da54bee
  • SHA256: 7a6ad3868f0223896ceea378a056b2568ad6f6ca2e65baaa7b55e1033da3abd7
  • SHA512: c718e67fb2554d7bbbac60a1a3dae6fe6bcdf4c06c0cababd8b623d52f1d306f9441c27deaaff269e129fb0dcecb17430480b1941b14d95a01d3ffd4c87887cd

  Score: 10/10

  • Blocklisted process makes network request
  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.