0c3b5faf06ff0603ba3d444a25b404c106b3d9b0c0630e5689b4fd7a2fd3f17c | Triage

Sharing

General

Target

SetupAERSOffline_x86_v.2.0.0.2.zip
Size

130.5MB
Sample

231212-lm61kaccd3
MD5

f2bac7aa427535952fd610d9314de142
SHA1

2f3b8e802bd73932d82e5bd458c376d8b380933a
SHA256

0c3b5faf06ff0603ba3d444a25b404c106b3d9b0c0630e5689b4fd7a2fd3f17c
SHA512

5116c3b46bf08190f223962690cecefdae04b559c48891413e7ca7dc13c41c75b4b302ad3ba4668bbaa3516b188ee8de81ade3cf1aa7d858aa38b8c5910ebe23
SSDEEP

3145728:WxFgIPmIa9BJBI1jb9A1fLTr1BDvio5ZkfuD6WcZ6oW:WnguOijbq3JJqooWDLoW

Score

7^/10

Malware Config

Targets

- Target
  
  Setup AERS Offline x86.msi
- Size
  
  131.7MB
- MD5
  
  c305d75dc30f38d4c69ba148d0d7f2ec
- SHA1
  
  66db1268b165b5fad49f7a242f4f25de8eb43e8e
- SHA256
  
  95809b2981b94a57a1208d9e7cd4f1cb4214a883cc64b85cb77bf5735f9e3e12
- SHA512
  
  5cc6401d860e83a320114890307b16202633dae45652eb439af35df4c7fb1fe79b5fad23eccc2cbb7606c8af9d30fead0122e3966bdf7774aca407cff0c3de81
- SSDEEP
  
  3145728:tXtdQcGWGVSFuxDsyF/3XILOLn+zhxSqCszsalxYVqO:tM9xhF/Ian+XSqCasalA
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  setup.exe
- Size
  
  506KB
- MD5
  
  20ec279d89d7d300c950a57ac28ff0ac
- SHA1
  
  3f98b19bfa93fe4a4c457b4970392414b5ade06c
- SHA256
  
  c889d6b2721a7677cb3cde97885b13a6b3202b0806c28c4d09b204bbaa4ab309
- SHA512
  
  ff781a3076f4cf560eb76fe04a3156502d88d5589c180bc3e73dd96c3b8a3b83d29b906b37c22cc3b0007abb66aeb7972a6dc6ea0b3e75884e52b81e8c03383c
- SSDEEP
  
  12288:ZvdreppqoaR1APF5c72KaTzohz1Skh12eMb01JQntLOCbIesmk1:Z9SqoaRyPFOhz8y12embfsN1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4