General

  • Target

    theone.txt

  • Size

    227KB

  • Sample

    241113-efyx2swdrp

  • MD5

    159609889dfa89a0a3a6e1fde1ca1b76

  • SHA1

    fce53276c63572448e8af3ea8e41112b10edd051

  • SHA256

    8101b388cc8a6a9c948f8d71de9938702b5c25978d804769c8c20fe258adc959

  • SHA512

    662f85b9d56ab29007c025c235100ae81422962a89f7db597f6f04603b5dde18c01731e08f9ec8686e376b4a991a92f35a027c2189a61a9af3f943bc986103cc

  • SSDEEP

    3072:RZrgoOttTuTzC9aBCIi1Fgeiv+kVkZNfvfi3oS/hnKstKPrh1+NAtjwK4l:RZrXwXM+fNfXaoS/M6KON2jwK4l

Score
7/10

Targets

    • Target

      theone.txt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15
