0cb0450556ffa29d578ea5490f512483dd2b5c7b2dba5cdb54ef77f6d6cbe98f | Triage

Sharing

General

Target

AE-Inj.rar
Size

231KB
Sample

231118-b62j3shh8w
MD5

bed7fc14a99fa4137346aad04fd1e7ef
SHA1

1fbfa49c94465e99e8f8bbe0f916210e9c1759ca
SHA256

0cb0450556ffa29d578ea5490f512483dd2b5c7b2dba5cdb54ef77f6d6cbe98f
SHA512

44a4db380755b9e72447165594091352161512192eb8796418e0e616ccd9c20d2ebf66d1ae97a0ea8dc2a5e8994a9129b9200d3b4bda378ff0a2555f496869ee
SSDEEP

6144:7FNrFD1HVHukFjVqWLBiaTk0ehZ00vU5hXUQ5huWNKk0gRFdiYqDIrrbi:pHuKj114dhZ36Vhujk0g7qDIrr2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  AE-inj.exe
- Size
  
  507KB
- MD5
  
  6f0a27882312bbff2137b65929b6382b
- SHA1
  
  9954e154516e95c2eea06f4a230b170cf67f0227
- SHA256
  
  6f3e974b5cbae1ed0359bd343f2120dcc88d33968bb7ea027ca5671ba4bfad53
- SHA512
  
  22163bd498aee013af13a909d72e81a31a1f153d91f6e031982c5b40a49991911570d43c6739cfb5de2f6ce4833ba517c54741f549cfe610a34c414ea1e01b82
- SSDEEP
  
  6144:oG0Sx4x1VJswRYC8baxFIl+DJQATVbohTDOJh67V4CWWlI+8NyxNX2NnRI/d:Wi44wRrEl+DJLdosaz1mNRi
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  test.dll
- Size
  
  78KB
- MD5
  
  116492514ba8196afe8a003c8b69f18e
- SHA1
  
  f9bfdb376cf8077dcfa6fdf92524c1bb5d3fd103
- SHA256
  
  85277872aef988e44304af1bc545997a0174851aa58b74fea6dda5f842373633
- SHA512
  
  1e09ee0532ed02944f7aa03b559aca64fef6c0018b6f03875649751fd4a3dabda6693d2cb262aa9f982ac17bb52eb31013b86707b0ab64176b60182356397ec9
- SSDEEP
  
  1536:V4MUS+03lUwHsS4VR7Zdjp7D02fcFVQ2nZ+qnm:V7USGNDwFVQ2sqnm
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4