aa7d5e95bf180e0c12908504b755c9a279e5e4f75418e7e14c1ff35ca26fc6d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa7d5e95bf180e0c12908504b755c9a279e5e4f75418e7e14c1ff35ca26fc6d1
Size

3.9MB
Sample

230423-kqvahacd46
MD5

ce270081710132269ea24f9911015eed
SHA1

88a695f32ce72df1eafed88c48500c9240e9391c
SHA256

aa7d5e95bf180e0c12908504b755c9a279e5e4f75418e7e14c1ff35ca26fc6d1
SHA512

5314ac1b44140789750509ac20b4cfdb13b7ae1b56e85d38de8838d812184cf3fb5cf9ada3161ede20d73a88743fe5bc02695d585f9a00da182bf0cbf589ec72
SSDEEP

98304:bV2h+Hc1h2Qm05zfH6uSS+gZOheGQCeIFLOAkGkzdnEVomFHKnPV:btsHSS+gZOheqnFLOyomFHKnPV

Score

7^/10

Malware Config

Targets

- Target
  
  aa7d5e95bf180e0c12908504b755c9a279e5e4f75418e7e14c1ff35ca26fc6d1
- Size
  
  3.9MB
- MD5
  
  ce270081710132269ea24f9911015eed
- SHA1
  
  88a695f32ce72df1eafed88c48500c9240e9391c
- SHA256
  
  aa7d5e95bf180e0c12908504b755c9a279e5e4f75418e7e14c1ff35ca26fc6d1
- SHA512
  
  5314ac1b44140789750509ac20b4cfdb13b7ae1b56e85d38de8838d812184cf3fb5cf9ada3161ede20d73a88743fe5bc02695d585f9a00da182bf0cbf589ec72
- SSDEEP
  
  98304:bV2h+Hc1h2Qm05zfH6uSS+gZOheGQCeIFLOAkGkzdnEVomFHKnPV:btsHSS+gZOheqnFLOyomFHKnPV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2