28272caadd4df846e1f19ca4c5932fa3ec0348f0e36a8e1395a30b2a005c7656 | Triage

Submit
Reports

Overview

overview

Static

static

3

ATLauncher....0.exe

windows7-x64

7

ATLauncher....0.exe

windows10-2004-x64

Sharing

General

Target

ATLauncher-setup-1.1.0.0.exe
Size

2.6MB
Sample

230630-dkejjafh92
MD5

2f9d674c4b426de69d4229c7778d88c4
SHA1

9d75fdd18d4c32bc93c6c828ac3b4019db1f0931
SHA256

28272caadd4df846e1f19ca4c5932fa3ec0348f0e36a8e1395a30b2a005c7656
SHA512

fc9a5a6cb89cc61666055248391c54a2f5c0845dda72bbdbf469d3679c26b3546b7ab048c68ceeaa9f507e10ac4f83402a5303b58a465f1010608a02ec6c728f
SSDEEP

24576:k7FUDowAyrTVE3U5F349LBNaSG0b79VFVoCxQQMkcxVyMhqrHzEhbjRN8lTRa7I3:kBuZrEU89tRGu79DOHfkMhqgJjvWasrj

Score

10^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ATLauncher-setup-1.1.0.0.exe

Resource

win7-20230621-es

windows7-x64

4 signatures

1800 seconds

Behavioral task

behavioral2

Sample

ATLauncher-setup-1.1.0.0.exe

Resource

win10v2004-20230621-es

discovery evasion

windows10-2004-x64

20 signatures

1800 seconds

Malware Config

Targets

- Target
  
  ATLauncher-setup-1.1.0.0.exe
- Size
  
  2.6MB
- MD5
  
  2f9d674c4b426de69d4229c7778d88c4
- SHA1
  
  9d75fdd18d4c32bc93c6c828ac3b4019db1f0931
- SHA256
  
  28272caadd4df846e1f19ca4c5932fa3ec0348f0e36a8e1395a30b2a005c7656
- SHA512
  
  fc9a5a6cb89cc61666055248391c54a2f5c0845dda72bbdbf469d3679c26b3546b7ab048c68ceeaa9f507e10ac4f83402a5303b58a465f1010608a02ec6c728f
- SSDEEP
  
  24576:k7FUDowAyrTVE3U5F349LBNaSG0b79VFVoCxQQMkcxVyMhqrHzEhbjRN8lTRa7I3:kBuZrEU89tRGu79DOHfkMhqgJjvWasrj
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Downloads MZ/PE file
- Modifies RDP port number used by Windows
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Remote Desktop Protocol

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion

© 2018-2024

Terms | Privacy