General
-
Target
2024_11_11_Product advertising hotpoint.pdf.lnk.download.lnk
-
Size
3.0MB
-
Sample
241119-pew26s1jgl
-
MD5
b13b2313a1ad80566d583eb7e3f57584
-
SHA1
c230467b0e68a503d07434b83243715b18eaac4a
-
SHA256
cb3e629a63bab6dbfb2f79aac1aa49b90b8aa6aada8da087c2f51c02e9503c6a
-
SHA512
dcb31fe8204603821a916b4efebf867d89c4fe1e22952753190513b073984415e702f32c2c8927333611ffc94cdfe539dd425483b8c23cd4c9b6f057c370aebb
-
SSDEEP
24:88iJVDjC7GYPMR9JBty+/DCiyUDd0N1dZ8KqddNXuHY8junsJkFThm:882DETS9JrpAqd0NWdLXuHHeN
Malware Config
Targets
-
-
Target
2024_11_11_Product advertising hotpoint.pdf.lnk.download.lnk
-
Size
3.0MB
-
MD5
b13b2313a1ad80566d583eb7e3f57584
-
SHA1
c230467b0e68a503d07434b83243715b18eaac4a
-
SHA256
cb3e629a63bab6dbfb2f79aac1aa49b90b8aa6aada8da087c2f51c02e9503c6a
-
SHA512
dcb31fe8204603821a916b4efebf867d89c4fe1e22952753190513b073984415e702f32c2c8927333611ffc94cdfe539dd425483b8c23cd4c9b6f057c370aebb
-
SSDEEP
24:88iJVDjC7GYPMR9JBty+/DCiyUDd0N1dZ8KqddNXuHY8junsJkFThm:882DETS9JrpAqd0NWdLXuHHeN
Score8/10-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-