1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9 | Triage

Submit
Reports

Overview

overview

8

Static

static

1aeb51a19f...d9.iso

windows10-2004-x64

8

Sharing

General

Target

1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9.iso
Size

2.2MB
Sample

221123-s644msdb89
MD5

433a0a097c40a68bd4eca0835ec2184a
SHA1

f8392615cfe5b99f806e6cd41017abec0d0c8ecc
SHA256

1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9
SHA512

260c6d4f893132c7944c02e88a25e50aaa7439c4b697e23cff50696abb4ae24b445eac49dfbc38834d154f6b8ab31bdd2f85935cb11f516eed95597c1876f8f9
SSDEEP

12288:1vv4GnTnYe1RvjMYTig+63sdEnmYRDJNh+7ShcBh2OQBnnnnnnEtbdjdvwKx:1vhnbRBhirxdEdBJumhcz2dBnnARu

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9.iso

Resource

win10v2004-20220901-en

windows10-2004-x64

15 signatures

300 seconds

Malware Config

Targets

- Target
  
  1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9.iso
- Size
  
  2.2MB
- MD5
  
  433a0a097c40a68bd4eca0835ec2184a
- SHA1
  
  f8392615cfe5b99f806e6cd41017abec0d0c8ecc
- SHA256
  
  1aeb51a19fb0162d8c0cf5bc27f666a2885d4497b1738f6ad9c7125a8bc3c2d9
- SHA512
  
  260c6d4f893132c7944c02e88a25e50aaa7439c4b697e23cff50696abb4ae24b445eac49dfbc38834d154f6b8ab31bdd2f85935cb11f516eed95597c1876f8f9
- SSDEEP
  
  12288:1vv4GnTnYe1RvjMYTig+63sdEnmYRDJNh+7ShcBh2OQBnnnnnnEtbdjdvwKx:1vhnbRBhirxdEdBJumhcz2dBnnARu
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy