9ae3f97c9a69251c125f97941937a05f8d29d226c18c8e92c85e5b5b2e1f499b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ae3f97c9a69251c125f97941937a05f8d29d226c18c8e92c85e5b5b2e1f499b
Size

1.1MB
Sample

240305-1eezfaah84
MD5

d6132cc188ebcc1482a23f4f9e25c997
SHA1

a4f425b0b253613c7fa2050c77096d5431487cad
SHA256

9ae3f97c9a69251c125f97941937a05f8d29d226c18c8e92c85e5b5b2e1f499b
SHA512

3284fde921012c6055c15890b836d98827435af3b9dbb38d5b95bfc4cbcb00b00406e01e981299a31c6fc4085fb616d8ebbdda8f5ac3414fd9d8d4efbd3c492a
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Q8:CcaClSFlG4ZM7QzM7

Score

7^/10

Malware Config

Targets

- Target
  
  9ae3f97c9a69251c125f97941937a05f8d29d226c18c8e92c85e5b5b2e1f499b
- Size
  
  1.1MB
- MD5
  
  d6132cc188ebcc1482a23f4f9e25c997
- SHA1
  
  a4f425b0b253613c7fa2050c77096d5431487cad
- SHA256
  
  9ae3f97c9a69251c125f97941937a05f8d29d226c18c8e92c85e5b5b2e1f499b
- SHA512
  
  3284fde921012c6055c15890b836d98827435af3b9dbb38d5b95bfc4cbcb00b00406e01e981299a31c6fc4085fb616d8ebbdda8f5ac3414fd9d8d4efbd3c492a
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Q8:CcaClSFlG4ZM7QzM7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2