General

  • Target

    241026-vanswswdrh_pw_infected.zip

  • Size

    8.8MB

  • Sample

    241113-zc965askcm

  • MD5

    82e022a968912231c256367cc7029c02

  • SHA1

    75b2e07fc5b3a705e6225cb5f95089f47c3dc76a

  • SHA256

    ceb14b7e4b21acd79ccac5ab40102550e36290d24e22e946746cea9f16b7ccab

  • SHA512

    cc090853b9fda24d9e2944ddb41fb792156575e5cca316035afc4c163b55ccbcd6a6610757f7be845da8d8ec397563fcc4f13a41f2305387611d0535bfe7d35e

  • SSDEEP

    196608:vs5ACyUQna6PhmlSQwC6PJ6PHC+o2ZR3L7r24fLa:KbxkJ6PHC+oiD+

Malware Config

Targets

    • Target

      Youtube-Viewer Bot 1.9.rar

    • Size

      8.8MB

    • MD5

      6bdded86c456c53101b8c601ea63172e

    • SHA1

      f590418fb0f289c8cf69b97cb33b1499f768e66c

    • SHA256

      840406cb28ab8313449d95a684c9139ff68a41aaa4559559d03f1d274b9aa333

    • SHA512

      119b01711a48bfba5ba97ab21d5d89e92580270c01ffce8ed1bfad93ebf222519d323d94f9458afb91d5f9f18702d5df024e99a0ce1400fc7306275404879d1e

    • SSDEEP

      196608:vhUSPjQlgVs+Ac46ttQjasmoTxhlbwsjx+k44/dfBK7fiirdzp9FJ:qSJs+AMMXRhqsA74/df0xh

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
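
The two hash sets above (the `_pw_infected.zip` container in General and the `Youtube-Viewer Bot 1.9.rar` member under Targets) are what an analyst checks before trusting any of the behaviour signatures to the file in hand. The script below is an added example, not part of this report or of the sandbox that produced it: it copies the recorded hashes into a table, hashes a container and one archive member in a single streaming pass each, and reports every algorithm that disagrees. The archive password `infected` is an assumption drawn from the `_pw_infected` naming convention, the `stand-in.zip` name and the demo payloads are constructed, and the stdlib `zipfile` reader only handles ZipCrypto, so an AES-encrypted container needs another extractor.

```python
"""Triage helper: confirm a sample matches the hashes a sandbox report recorded.

Added example, not part of the original report. REPORT is copied from the
report above; the real sample is not bundled, so the demo at the bottom builds
a constructed stand-in container in memory.
"""
import hashlib
import io
import zipfile
from typing import BinaryIO, Dict, List, Optional

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Copied from the report: the distribution container and the member that the
# sandbox actually detonated.
REPORT = {
    "241026-vanswswdrh_pw_infected.zip": {
        "md5": "82e022a968912231c256367cc7029c02",
        "sha1": "75b2e07fc5b3a705e6225cb5f95089f47c3dc76a",
        "sha256": "ceb14b7e4b21acd79ccac5ab40102550e36290d24e22e946746cea9f16b7ccab",
        "sha512": "cc090853b9fda24d9e2944ddb41fb792156575e5cca316035afc4c163b55ccbc"
                  "d6a6610757f7be845da8d8ec397563fcc4f13a41f2305387611d0535bfe7d35e",
    },
    "Youtube-Viewer Bot 1.9.rar": {
        "md5": "6bdded86c456c53101b8c601ea63172e",
        "sha1": "f590418fb0f289c8cf69b97cb33b1499f768e66c",
        "sha256": "840406cb28ab8313449d95a684c9139ff68a41aaa4559559d03f1d274b9aa333",
        "sha512": "119b01711a48bfba5ba97ab21d5d89e92580270c01ffce8ed1bfad93ebf22251"
                  "9d323d94f9458afb91d5f9f18702d5df024e99a0ce1400fc7306275404879d1e",
    },
}


def hash_stream(fh: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Run every algorithm over one streaming read, so an 8.8 MB (or 8.8 GB)
    sample is never held fully in memory."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for block in iter(lambda: fh.read(chunk_size), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (constructed test vectors)."""
    return hash_stream(io.BytesIO(data))


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> List[str]:
    """One message per recorded hash that disagrees; an empty list means the
    file matches. Only algorithms present in `expected` are checked, and the
    comparison is case-insensitive because reports mix hex casing."""
    mismatches = []
    for algo, want in expected.items():
        got = actual.get(algo, "")
        if got.lower() != want.lower():
            mismatches.append(f"{algo}: report {want}, file {got or '<missing>'}")
    return mismatches


def verify_container(container: BinaryIO, expected: Dict[str, Dict[str, str]],
                     outer_name: str, inner_name: str,
                     password: Optional[bytes] = b"infected") -> Dict[str, List[str]]:
    """Check the container and one member against `expected` without writing
    the member to disk. `password` is an assumption from the _pw_infected
    naming convention; pass None for an unencrypted archive."""
    results = {}
    container.seek(0)
    results[outer_name] = compare(hash_stream(container), expected[outer_name])
    container.seek(0)
    with zipfile.ZipFile(container) as zf:
        with zf.open(inner_name, pwd=password) as member:  # streamed, never extracted
            results[inner_name] = compare(hash_stream(member), expected[inner_name])
    return results


def demo_constructed_sample() -> Dict[str, Dict[str, List[str]]]:
    """Constructed stand-in (unencrypted so the stdlib can read it). The genuine
    container verifies clean; a rebuilt container carrying a different payload
    mismatches on both layers, which is what a swapped or repacked sample looks
    like at triage time."""
    inner_name = "Youtube-Viewer Bot 1.9.rar"
    genuine_payload = b"constructed stand-in for the inner RAR"

    def build(payload: bytes) -> io.BytesIO:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(inner_name, payload)
        buf.seek(0)
        return buf

    genuine = build(genuine_payload)
    # Record sha256 for both layers the way a sandbox report would.
    expected = {
        "stand-in.zip": {"sha256": hash_bytes(genuine.getvalue())["sha256"]},
        inner_name: {"sha256": hash_bytes(genuine_payload)["sha256"]},
    }
    swapped = build(b"different build of the same lure")
    return {
        "genuine": verify_container(genuine, expected, "stand-in.zip", inner_name, None),
        "swapped": verify_container(swapped, expected, "stand-in.zip", inner_name, None),
    }


if __name__ == "__main__":
    for label, outcome in demo_constructed_sample().items():
        print(label, outcome)
```

Against the real container the call is `verify_container(open(path, "rb"), REPORT, "241026-vanswswdrh_pw_infected.zip", "Youtube-Viewer Bot 1.9.rar")`. A clean container with a mismatching member points at a repacked archive; a mismatching container with a clean member usually means only the wrapper differs and the behaviour signatures above still apply to the payload you have. Note that `zipfile` verifies the member CRC on read, so a corrupted member raises `BadZipFile` rather than producing a mismatch list.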

MITRE ATT&CK Enterprise v15

Tasks