a6aabbbf5b8bcf11bed91ce5c67727b5ce0713247e246c11c34b55f6395d1177 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

$RLBBRHU.exe
Size

13.1MB
Sample

230706-lhfb2shg54
MD5

9aef8680f8d9d66e9c5dd5eef8bade1f
SHA1

137f82dddd7a26080efff134cb35d17829b4746e
SHA256

a6aabbbf5b8bcf11bed91ce5c67727b5ce0713247e246c11c34b55f6395d1177
SHA512

c538cceab5b5f600358e5e58f6ca8e5a7d1c597fb97aeb50dea4e2b1318f40a484ba6e617c115c92e3183bcd14f9d1bb29f685186cc32e42c4bf09a58e92886e
SSDEEP

393216:zlaWRfDBeG+h5fHdlBcry7FMHxa6dU8sP:HhVAfHdlByy7ORa652

Score

5^/10

Malware Config

Targets

- Target
  
  Device/HarddiskVolume6/$RECYCLE.BIN/S-1-12-1-3734014516-1183994096-3584479153-3505700757/$RLBBRHU.exe
- Size
  
  13.3MB
- MD5
  
  b041415ecc11a12a64f0addc407d9c2b
- SHA1
  
  dedd794775f15dc03ab0ac9261aa0e244770617a
- SHA256
  
  610a6f7a1953ea92c7d1ca56f4b39f2dd9c50a67c02b3228d45ab8d1b9fb7be8
- SHA512
  
  4fa34d4e27cfdd51fce1892d7095c5d916303d69749172cc85f34a20118e959b540e6519437f190b51896b5c25da0ded69eaa3b9a3685cf3eec6bca283f832d4
- SSDEEP
  
  393216:Lf60AIKfBfjftfvcgIVfLfZfrvfzfx0fKfTfBVKfCfafifDpfv6f/7f+fQJafSfy:L607JihuzFiFdTsoYWNxAUytz
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2