b8049a022430c34f0b8b3c9f357a9afa4fd6cb940b7353a610d1f53fb5bf471c | Triage

Sharing

General

Target

rutserv.exe
Size

19.8MB
Sample

231013-1byx5sdb78
MD5

41dc282cbf89b0737ae6dd2de5a71015
SHA1

4aac4bafaf43be690089549584770f9e88630b45
SHA256

b8049a022430c34f0b8b3c9f357a9afa4fd6cb940b7353a610d1f53fb5bf471c
SHA512

ee8f3af6c633385eb1c7022189604c16948fd9fb0da1eb017d529872df2f075b26bdc158cf2ef4772237f338d87d9f6dc1944381cd65c5a636add0e22a599d6d
SSDEEP

196608:anhOP/yO920X/pYwSsfCMrCTSFXpoFZnEI6TNnXG8QItwZr/dJnvu9b9PjpA6:ihOPadU/RXKgBZwnCYZr/n29h

Score

5^/10

Malware Config

Targets

- Target
  
  rutserv.exe
- Size
  
  19.8MB
- MD5
  
  41dc282cbf89b0737ae6dd2de5a71015
- SHA1
  
  4aac4bafaf43be690089549584770f9e88630b45
- SHA256
  
  b8049a022430c34f0b8b3c9f357a9afa4fd6cb940b7353a610d1f53fb5bf471c
- SHA512
  
  ee8f3af6c633385eb1c7022189604c16948fd9fb0da1eb017d529872df2f075b26bdc158cf2ef4772237f338d87d9f6dc1944381cd65c5a636add0e22a599d6d
- SSDEEP
  
  196608:anhOP/yO920X/pYwSsfCMrCTSFXpoFZnEI6TNnXG8QItwZr/dJnvu9b9PjpA6:ihOPadU/RXKgBZwnCYZr/n29h
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2