General

  • Target

    841e907775062ded0964e8d107d4c9725b4915a285636c1b5d9bce1390d01fab

  • Size

    2KB

  • Sample

    241113-jyrnxaxlex

  • MD5

    484ead0f6e0ef0b2a3d643891e29c059

  • SHA1

    b34d2db4ff2ebbb86067d504d7f4f0647123bbff

  • SHA256

    841e907775062ded0964e8d107d4c9725b4915a285636c1b5d9bce1390d01fab

  • SHA512

    726dfb270b5fb1fd2d1485c1278c24657f8b963d31b3aeec59fa4620c50c84d9c4c8cc30ed8af51532163e065ab681c4c8dd7823b5b749d3023bffb550899bdc

Score
8/10

Targets

    • Target

      841e907775062ded0964e8d107d4c9725b4915a285636c1b5d9bce1390d01fab

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • An obfuscated cmd.exe command-line is typically used to evade detection.
