0abe30ac5946bbd5ceab283ddbcc84f553497b9c1019b28f4d1428461343c4d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Onboard Memory Manager.exe
Size

10.9MB
Sample

240228-rr2jjadg7s
MD5

122ca8a83c5bde6865845d4d4a546108
SHA1

28a30a2fbce253e8b061c65cb86da759d382b15a
SHA256

0abe30ac5946bbd5ceab283ddbcc84f553497b9c1019b28f4d1428461343c4d1
SHA512

87f9a8bd2c6ccdb78252db2e5b50c2e8ca87ee69f9a0d24f439d7613fbce22558c60214fc1c4ffda66e60cd2e74a6e613aac21834fe7ae05eb21afd7fe96b6e8
SSDEEP

98304:ATchecqpy/fEhE3v40QlkLd33348VA8IWwWz2sMLk6hD+bLaykjyIR2leRe:zhqhEJQl8d33348q8C6bLWOIR

Score

7^/10

Malware Config

Targets

- Target
  
  Onboard Memory Manager.exe
- Size
  
  10.9MB
- MD5
  
  122ca8a83c5bde6865845d4d4a546108
- SHA1
  
  28a30a2fbce253e8b061c65cb86da759d382b15a
- SHA256
  
  0abe30ac5946bbd5ceab283ddbcc84f553497b9c1019b28f4d1428461343c4d1
- SHA512
  
  87f9a8bd2c6ccdb78252db2e5b50c2e8ca87ee69f9a0d24f439d7613fbce22558c60214fc1c4ffda66e60cd2e74a6e613aac21834fe7ae05eb21afd7fe96b6e8
- SSDEEP
  
  98304:ATchecqpy/fEhE3v40QlkLd33348VA8IWwWz2sMLk6hD+bLaykjyIR2leRe:zhqhEJQl8d33348q8C6bLWOIR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2