ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e | Triage

Submit
Reports

Overview

overview

9

Static

static

8

ae155dc991...5e.exe

windows7-x64

9

ae155dc991...5e.exe

windows10-2004-x64

9

Sharing

General

Target

ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e
Size

26KB
Sample

221123-lxna7sce65
MD5

cb1362cca1ec9c05473f3a2053e8f6ee
SHA1

e5cc10072e6908855edfa8d075c4d3c29ba9062f
SHA256

ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e
SHA512

d9410fb17c32d9f713a5a8534c423f03008b6c1847b598b4e0115e7e21f4a3ec9f8159d37be3a0670df99436eddff05d6534e97a6d9608bd0f048299c5efee2d
SSDEEP

768:bMPnOqDJJJJJJJDzaKqA8NCRj0lfAQTQ2c:mOqDJJJJJJJDzaKJ6CjHQTQ2c

Score

9^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e
- Size
  
  26KB
- MD5
  
  cb1362cca1ec9c05473f3a2053e8f6ee
- SHA1
  
  e5cc10072e6908855edfa8d075c4d3c29ba9062f
- SHA256
  
  ae155dc991ec1d220880fd54396d304619653995e1bbe5eace9d2e9e5c469d5e
- SHA512
  
  d9410fb17c32d9f713a5a8534c423f03008b6c1847b598b4e0115e7e21f4a3ec9f8159d37be3a0670df99436eddff05d6534e97a6d9608bd0f048299c5efee2d
- SSDEEP
  
  768:bMPnOqDJJJJJJJDzaKqA8NCRj0lfAQTQ2c:mOqDJJJJJJJDzaKJ6CjHQTQ2c
Score

9^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy