700283bca383bbe8d1fa4a157ad7517018a9941468cff328ab1a3ecebd788718 | Triage

Resubmissions

10/07/2023, 12:36

230710-ps9kesac56 7

10/07/2023, 12:33

230710-pq9seaac44 7

Sharing

Copy URL Twitter E-mail

General

Target

rama.exe
Size

1.5MB
Sample

230710-ps9kesac56
MD5

3b9d15addc60abe5f09129ec60f2fb74
SHA1

6be7be3543424a6a3ed72e0af41a0d5599e99147
SHA256

700283bca383bbe8d1fa4a157ad7517018a9941468cff328ab1a3ecebd788718
SHA512

8681d11a9f473e68fcfe8cec8292e7df5830cb881b29d1fd74648513c9b2143cf6562302dd2eb7bee9391b5f0d29d39f6cc234e4661987196ffd60a00acb5f34
SSDEEP

24576:dOuz3GIV6EGpBSBat+vdEv0hC5dcRx7Op71yC5TYFOlxN/VZqOPI6sMAa:suz3GDGIsvdIcRx7OpddaOdVZqOPI6n

Score

7^/10

Malware Config

Targets

- Target
  
  rama.exe
- Size
  
  1.5MB
- MD5
  
  3b9d15addc60abe5f09129ec60f2fb74
- SHA1
  
  6be7be3543424a6a3ed72e0af41a0d5599e99147
- SHA256
  
  700283bca383bbe8d1fa4a157ad7517018a9941468cff328ab1a3ecebd788718
- SHA512
  
  8681d11a9f473e68fcfe8cec8292e7df5830cb881b29d1fd74648513c9b2143cf6562302dd2eb7bee9391b5f0d29d39f6cc234e4661987196ffd60a00acb5f34
- SSDEEP
  
  24576:dOuz3GIV6EGpBSBat+vdEv0hC5dcRx7Op71yC5TYFOlxN/VZqOPI6sMAa:suz3GDGIsvdIcRx7OpddaOdVZqOPI6n
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2