ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9 | Triage

Submit
Reports

Overview

overview

9

Static

static

ba149fed2c...e9.exe

windows7-x64

9

ba149fed2c...e9.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9
Size

181KB
Sample

221028-ylg19sdaf6
MD5

0e0a2d5fec319039aaff1c82bfce90a0
SHA1

cdfc0793cb12e1df7f8dcb74530dc3bd0c658255
SHA256

ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9
SHA512

6746b383d44dcfb2159858e05226bc69e49af22b32bbb5b40d3a0c57c1480ec9614673073e647428216c1bfa82ff64f97db42540948dd86df9235a655e48b3d4
SSDEEP

3072:hODZGExvBM6tTjYAo17uD6uFAc9cIyPOUYqzWwZ5hbmRtsFYwln:hsZPxvK6tXo17u6uFxc35imZmR+n

Score

9^/10

Static task

static1

Behavioral task

behavioral1

Sample

ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9.exe

Resource

win7-20220901-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9
- Size
  
  181KB
- MD5
  
  0e0a2d5fec319039aaff1c82bfce90a0
- SHA1
  
  cdfc0793cb12e1df7f8dcb74530dc3bd0c658255
- SHA256
  
  ba149fed2c174ea06c1665b806c0169346fd3996b4df5df1278ca94535d1f8e9
- SHA512
  
  6746b383d44dcfb2159858e05226bc69e49af22b32bbb5b40d3a0c57c1480ec9614673073e647428216c1bfa82ff64f97db42540948dd86df9235a655e48b3d4
- SSDEEP
  
  3072:hODZGExvBM6tTjYAo17uD6uFAc9cIyPOUYqzWwZ5hbmRtsFYwln:hsZPxvK6tXo17u6uFxc35imZmR+n
Score

9^/10
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy