999dabcfa068fc8d41db2c94f04082d66cf3da6949ea9f1cb5a32a390f35bcca | Triage

Resubmissions

09/04/2024, 12:00

240409-n6plqsed63 10

08/04/2024, 16:48

240408-vbhm9seb92 7

08/04/2024, 16:43

240408-t8lkrahd91 8

Sharing

Copy URL Twitter E-mail

General

Target

by Goddy [RyosXsploits].zip
Size

8.9MB
Sample

240408-vbhm9seb92
MD5

545408934b4e866e2d4c4cad9bdd41a1
SHA1

818278791f73200d70c7a0b041bc3069e2179901
SHA256

999dabcfa068fc8d41db2c94f04082d66cf3da6949ea9f1cb5a32a390f35bcca
SHA512

fbb0c6f563ee236c3742d637e1cf044f04602216157764226c2b9d2ca1247d0e88c26fd55c59f11f436d7157163a426219d89ea1800c0ac4c76f00c78db1fa4e
SSDEEP

196608:AjIuvlxfez1p1usHhhQonZfFuwNVmhpvfB8Pp6aARkj104B:KIutoz1HHhCondYQAXfBLkZZB

Score

7^/10

Malware Config

Targets

- Target
  
  AURORAV2.rar
- Size
  
  8.9MB
- MD5
  
  8b09c8035d71ae6879b7174a830c44d1
- SHA1
  
  4bae17eb3bb09d29272295ec907aa24017a096bb
- SHA256
  
  c6b7f1668387dc7625e2e00fb2458dc19d187f5a402739d610b3546f74872aba
- SHA512
  
  593ba6cdf35adbc174d6e632cecc80cb341cc43febcbdba2a9a7c236667da03b214c3adb00cea0aa5a09533157f97655a334abe599e75089333452895ffaf826
- SSDEEP
  
  196608:HjIuvlxfez1p1usHhhQonZfFuwNVmhpvfB8Pp6aARkj104y:DIutoz1HHhCondYQAXfBLkZZy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2