General

  • Target

    329420121.dll.exe

  • Size

    1.5MB

  • Sample

    241107-za9sks1khp

  • MD5

    e048a38b366405790d5c59d3e2ad1528

  • SHA1

    8e65956f9351dd5b8a41758e6a441b4965d87ea8

  • SHA256

    a6dfe7f53cba439e3fc9592921055ec9136e21624dd6d40ef2fba61efca7e872

  • SHA512

    07cbab5299b2ed77ff3b0c7f7f7b91b6310c934342e5fa025d577faa3e13487968afea928108eda1afbdd3abe54eac579559f102ee83429803b6ac7f42fefd5f

  • SSDEEP

    24576:6G1Pw7wKZyoFJrwAhoZxvBJgvgTC0SQTyg8TIeuWohIZNgAMF:z1PUwSTS3Z0QOHd58

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.
