General

  • Target

    message (1).txt

  • Size

    191KB

  • Sample

    240809-3q7jyazbjb

  • MD5

    3c3da659310c15711a6870372170f514

  • SHA1

    5a6f63714c7b6cde81f88c9e6e1dd30548e66d96

  • SHA256

    74ad0baac9e60a9c3d59665fca744a440290de704218caad1640e8de43c6b031

  • SHA512

    c966b653bf21fa0a34ff5a542f8fa6b2b9d86e040c87a22209ce3dee1af014b88537340fbf6c677228a164ee759379bdc511942d18f4e09ab41f8547544ee002

  • SSDEEP

    3072:xNIg3BOa76nps+iRywxwJRJwTpKg3FLfXcPAOPgwm1Qi0whJ:x+uBrlHs/Og2AnPgR1

Score
8/10

Targets

    • Target

      message (1).txt

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Network Service Discovery

      Attempt to gather information on host's network.
