General

  • Target

    53db959aae6e05d4b32989f5d2a570ac2f49471c803d4c2c829e46b42a390b82

  • Size

    2KB

  • Sample

    241115-s9y2ssxbkk

  • MD5

    8e09847a69f08ce53a5e585a0f16714c

  • SHA1

    1d5a161a57bf6a1d16857bef27661f0ca1801db2

  • SHA256

    53db959aae6e05d4b32989f5d2a570ac2f49471c803d4c2c829e46b42a390b82

  • SHA512

    f41953a1342d59625b06aae0a88755037c314678ae0d4e11a555df01635cf7b7d064e6806be47e058e2a546f2d569b0b270eb5cb7457922caa64f1f86b4f1568

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • An obfuscated cmd.exe command-line is typically used to evade detection.
