b64a03528d0aba8471d1135100bc4e130ef5c2ffa0b411aad87f19194363f1bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RapeLay.exe
Size

39.8MB
Sample

230704-14p6pshg78
MD5

805e1b53cd7ce5fbd7e9e55782671eb4
SHA1

5ce7e0876501aed9d4cccbb6694ecebc5dde460c
SHA256

b64a03528d0aba8471d1135100bc4e130ef5c2ffa0b411aad87f19194363f1bf
SHA512

0c93c4f991dba45a5e05f80976992a908ca2b9d1b1528794be9aad72c6e083250dbd05fea0e49be8d12474bcb0e81c1b64510cbb8612743fef20124786cf8976
SSDEEP

786432:TnH60LGTVMaIHuu7uh2/fFh5Dvge7Ij49w38KEIy5Q6L/zZyn769RKZeR50MdFSC:76wGTmtHG2/fFDv1/w3yIwLbA7/I60e4

Score

5^/10

Malware Config

Targets

- Target
  
  RapeLay.exe
- Size
  
  39.8MB
- MD5
  
  805e1b53cd7ce5fbd7e9e55782671eb4
- SHA1
  
  5ce7e0876501aed9d4cccbb6694ecebc5dde460c
- SHA256
  
  b64a03528d0aba8471d1135100bc4e130ef5c2ffa0b411aad87f19194363f1bf
- SHA512
  
  0c93c4f991dba45a5e05f80976992a908ca2b9d1b1528794be9aad72c6e083250dbd05fea0e49be8d12474bcb0e81c1b64510cbb8612743fef20124786cf8976
- SSDEEP
  
  786432:TnH60LGTVMaIHuu7uh2/fFh5Dvge7Ij49w38KEIy5Q6L/zZyn769RKZeR50MdFSC:76wGTmtHG2/fFDv1/w3yIwLbA7/I60e4
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2