e40e4aea697dec8c855e6aeebd6b5563ecb9eb5adf6a181e8cc586cf726d5373 | Triage

Sharing

General

Target

ac6092-100save61.rar
Size

524KB
Sample

240219-vxlxtahh27
MD5

9ad8ee7ad58b9495db05892ca5629265
SHA1

22e933696e1749a2d846203bf44c95b672221450
SHA256

e40e4aea697dec8c855e6aeebd6b5563ecb9eb5adf6a181e8cc586cf726d5373
SHA512

206ae681a4d5cd8d055918efed49a4a6df456757cce585376b222310d43e26222e341271bd9adf358d343db0cefbce8041cdc237b2bb99a972a48cdb939447db
SSDEEP

12288:KmL1ruxemLbUGMu5daDZ0pmL1ruxemLbUGMu5daDZ0C:KmL1rIeqTMuralimL1rIeqTMural5

Score

7^/10

Malware Config

Targets

- Target
  
  ac6092-100save61.rar
- Size
  
  524KB
- MD5
  
  9ad8ee7ad58b9495db05892ca5629265
- SHA1
  
  22e933696e1749a2d846203bf44c95b672221450
- SHA256
  
  e40e4aea697dec8c855e6aeebd6b5563ecb9eb5adf6a181e8cc586cf726d5373
- SHA512
  
  206ae681a4d5cd8d055918efed49a4a6df456757cce585376b222310d43e26222e341271bd9adf358d343db0cefbce8041cdc237b2bb99a972a48cdb939447db
- SSDEEP
  
  12288:KmL1ruxemLbUGMu5daDZ0pmL1ruxemLbUGMu5daDZ0C:KmL1rIeqTMuralimL1rIeqTMural5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  Installation.txt
- Size
  
  236B
- MD5
  
  df04989f4304b6bb31c43da994c5edb9
- SHA1
  
  f5b12d54d0d371cc626a6f345e8bd4aea60dbb8e
- SHA256
  
  2bebebc834f15ad729b3e068aed9f7a8ebc33b0a77548155d1b7f4bd79edfeb7
- SHA512
  
  85d99728e6d0b3d71c5f659a71577ee4f96b4208408d0499af5a9f8562fcef9156293cc88ff909beb2036e5f101a1002184e0a1772fcb9ccd4f0dd29714e55b8
Score

1^/10
behavioral3 behavioral4
- Target
  
  SGTA50015
- Size
  
  536KB
- MD5
  
  c9468c9bd7c135b507f4750f1d500f6b
- SHA1
  
  d80c02cc281cc6391af1cfdc9f9ef37d0b36e1c4
- SHA256
  
  b2b966db1dde8a5e8b02a2cff7e9ee36c91f3213383484514a690825f5c69887
- SHA512
  
  77b209d97ce11b67013446a6da71ba811f7cc19be54cb95d6056d0f36e6e0b75d26fa71812801c28b97deed64e85a9f2524be3fa3b66ae3b6fbab160e3ebe8c2
- SSDEEP
  
  6144:X783j7wqy352VrojHVKIy1z+VeecPekLN5LZ4yGrJ5OX1NcHic3y4eIoLFQ:X7+yoVz+VRcPrLNxarJc6ic3xyQ
Score

1^/10
behavioral5 behavioral6
- Target
  
  SGTA50015.bak
- Size
  
  536KB
- MD5
  
  c9468c9bd7c135b507f4750f1d500f6b
- SHA1
  
  d80c02cc281cc6391af1cfdc9f9ef37d0b36e1c4
- SHA256
  
  b2b966db1dde8a5e8b02a2cff7e9ee36c91f3213383484514a690825f5c69887
- SHA512
  
  77b209d97ce11b67013446a6da71ba811f7cc19be54cb95d6056d0f36e6e0b75d26fa71812801c28b97deed64e85a9f2524be3fa3b66ae3b6fbab160e3ebe8c2
- SSDEEP
  
  6144:X783j7wqy352VrojHVKIy1z+VeecPekLN5LZ4yGrJ5OX1NcHic3y4eIoLFQ:X7+yoVz+VRcPrLNxarJc6ic3xyQ
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8