21528bf36baec84c69ba452f21ce36b1c8c00265b36c0934e7865b8e5b24d05c | Triage

Sharing

General

Target

Mkt36_KitchenAid - Campaign Details for Partners(3-25).lnk
Size

2KB
Sample

250328-mvplxsvvd1
MD5

07b4eba7e4b2e17f5193b25962bc2620
SHA1

76781a09e6ddaab5c5cd262a0f8c637bc81449e6
SHA256

21528bf36baec84c69ba452f21ce36b1c8c00265b36c0934e7865b8e5b24d05c
SHA512

03773614fc0bf4b525a22881b51dc049365818cbec91465191cca3f3a2c34baebc9c5d450f2fc5a0f260c40a79db727d5ef1524d71089ff8c50d6c789756006b

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Mkt36_KitchenAid - Campaign Details for Partners(3-25).lnk
- Size
  
  2KB
- MD5
  
  07b4eba7e4b2e17f5193b25962bc2620
- SHA1
  
  76781a09e6ddaab5c5cd262a0f8c637bc81449e6
- SHA256
  
  21528bf36baec84c69ba452f21ce36b1c8c00265b36c0934e7865b8e5b24d05c
- SHA512
  
  03773614fc0bf4b525a22881b51dc049365818cbec91465191cca3f3a2c34baebc9c5d450f2fc5a0f260c40a79db727d5ef1524d71089ff8c50d6c789756006b
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1