23b661d7bc171cd500d5096456905283ffe06479582b62d3bd5066633935d43e | Triage

Sharing

General

Target

rustdesk-host%3Drust.wizardit.ru%2Ckey%3DTY0ckuawZ6pHMpPlTCeB6yDAjmRpa61nHwzygS54jDw%3D.exe
Size

19.8MB
Sample

231206-s1aylsff29
MD5

7caa1ef1cdeabb6c7487d66bd172fcf8
SHA1

a95d7098080fc3994ab434c2a5c4ec8f85817b11
SHA256

23b661d7bc171cd500d5096456905283ffe06479582b62d3bd5066633935d43e
SHA512

d4d13f539ce2e6177be3c06bab29fb69964424176a5f7573f27bfcdf87fe73b9b522182460331523f1421c0490e4c95b3a864eb9152df8bca7957916b85c5ae1
SSDEEP

393216:Mdvr3DHhPWjmUASYlYLGE3+6Pdj/uVDVU3LLHf36WAaS:SzTHhOjCl3b6F85UbL/36WAz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  rustdesk-host%3Drust.wizardit.ru%2Ckey%3DTY0ckuawZ6pHMpPlTCeB6yDAjmRpa61nHwzygS54jDw%3D.exe
- Size
  
  19.8MB
- MD5
  
  7caa1ef1cdeabb6c7487d66bd172fcf8
- SHA1
  
  a95d7098080fc3994ab434c2a5c4ec8f85817b11
- SHA256
  
  23b661d7bc171cd500d5096456905283ffe06479582b62d3bd5066633935d43e
- SHA512
  
  d4d13f539ce2e6177be3c06bab29fb69964424176a5f7573f27bfcdf87fe73b9b522182460331523f1421c0490e4c95b3a864eb9152df8bca7957916b85c5ae1
- SSDEEP
  
  393216:Mdvr3DHhPWjmUASYlYLGE3+6Pdj/uVDVU3LLHf36WAaS:SzTHhOjCl3b6F85UbL/36WAz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2