aae14e4863cf2a29a97f0bc36acddedf058c5adf78b38058f9a1aa6791efde76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aae14e4863cf2a29a97f0bc36acddedf058c5adf78b38058f9a1aa6791efde76
Size

49KB
Sample

240312-3rallaee5w
MD5

a7594031aa8c3a7c85cea4cf63462790
SHA1

44d9e37528a708a92674f6808532d9fc4a4c7115
SHA256

aae14e4863cf2a29a97f0bc36acddedf058c5adf78b38058f9a1aa6791efde76
SHA512

f80772d4917e34ba7c081cdb0da5add050573102fa0866f4f482c04d56383f32d93a0d982c3bba1400fa9a83cfc5560f693f749b46e1cf949107da792d080168
SSDEEP

768:eApQr0GvdFJI34qGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENRFspFnSzW3:eAapJlQsh7pWezEPJBjXK

Score

7^/10

Malware Config

Targets

- Target
  
  aae14e4863cf2a29a97f0bc36acddedf058c5adf78b38058f9a1aa6791efde76
- Size
  
  49KB
- MD5
  
  a7594031aa8c3a7c85cea4cf63462790
- SHA1
  
  44d9e37528a708a92674f6808532d9fc4a4c7115
- SHA256
  
  aae14e4863cf2a29a97f0bc36acddedf058c5adf78b38058f9a1aa6791efde76
- SHA512
  
  f80772d4917e34ba7c081cdb0da5add050573102fa0866f4f482c04d56383f32d93a0d982c3bba1400fa9a83cfc5560f693f749b46e1cf949107da792d080168
- SSDEEP
  
  768:eApQr0GvdFJI34qGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENRFspFnSzW3:eAapJlQsh7pWezEPJBjXK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2