a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a | Triage

Submit
Reports

Overview

overview

9

Static

static

a66da29a82...9a.exe

windows7-x64

9

a66da29a82...9a.exe

windows10-2004-x64

9

Sharing

General

Target

a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a
Size

235KB
Sample

221123-xr62xaah2z
MD5

43e0a307e35613a3a0c1343c50bb15a0
SHA1

8e61bdd11a849fc3f3ae3a78fd451b28a8bc5e9e
SHA256

a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a
SHA512

a553ce4707defaafd081a721714dc91455b156073fb7e7a59f8f973372988df62dd5ebf9e6b91bd0e119a381009d145227b2afea7ca1d28d3e5ac2469c94782c
SSDEEP

6144:0kDAgTSdKSBCtpRddkmtbn9yZXoiEeL532Vi8AmmIwp+:/l2BysmJ2XHEeL0V5Ahp+

Score

9^/10

Static task

static1

Behavioral task

behavioral1

Sample

a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a
- Size
  
  235KB
- MD5
  
  43e0a307e35613a3a0c1343c50bb15a0
- SHA1
  
  8e61bdd11a849fc3f3ae3a78fd451b28a8bc5e9e
- SHA256
  
  a66da29a821c28f6350a868dad8ce56cdd07d8df3ada93d366a1c8824c84e19a
- SHA512
  
  a553ce4707defaafd081a721714dc91455b156073fb7e7a59f8f973372988df62dd5ebf9e6b91bd0e119a381009d145227b2afea7ca1d28d3e5ac2469c94782c
- SSDEEP
  
  6144:0kDAgTSdKSBCtpRddkmtbn9yZXoiEeL532Vi8AmmIwp+:/l2BysmJ2XHEeL0V5Ahp+
Score

9^/10
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy