Resubmissions

11-08-2024 18:50

240811-xg9eaasfln 8

11-08-2024 18:41

240811-xb31bawgma 8

11-08-2024 18:41

240811-xbw7rsscqp 1

11-08-2024 18:38

240811-w93xjasbrn 3

11-08-2024 18:17

240811-ww3plsvhra 6

11-08-2024 18:16

240811-wwlq4avhpb 1

11-08-2024 18:15

240811-wv93as1ejl 1

11-08-2024 17:52

240811-wf7cvszgmp 10

General

  • Target

    Screenshot 2024-08-06 212650.png

  • Size

    302KB

  • Sample

    240811-xb31bawgma

  • MD5

    8215cf98ee78db9c15eb03c1d565f6f9

  • SHA1

    03020983659e6d6c61631de0bfdec9a965ec5155

  • SHA256

    ea717e5576dbd3052c3429470ad4f3bc9bae374d4b9cc7d1c0e68055ec810543

  • SHA512

    8e16cdb25bd785bf11608fb983125f71394da0091fa9769ee8504194d0626fca1b66e08245ba6d52af1e498bc16635fcdaedf1dd6b4a77cf9a53d4cd5278a28e

  • SSDEEP

    6144:Rl53DXhOKICpEkz40IFGtwyYCzGpvgrUz9iYdwYIsQ1IxxeTMuG:RlxXgKI2xzdqG1ZTrURnuRsdxxe8

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
