02a1b3a370aed1de7126813e607429b7343449bb0451205da419a715be5e513e | Triage

Sharing

General

Target

RLCollector.exe
Size

8.7MB
Sample

240425-g47wzage5x
MD5

f4f1125b23f0da920b8f6a874e5f4261
SHA1

567b5e18568dcb267b8f62b15817f3c509e735a5
SHA256

02a1b3a370aed1de7126813e607429b7343449bb0451205da419a715be5e513e
SHA512

3f0d4840065e752479cce03176e1c9546a3bf7c9ee85e894eaa441be985138d0361109eed715931e038660603e9f60bf2bf572f3289baacada0958db8483dfd1
SSDEEP

196608:XVh86RrlqBA1HeT39Iigw/+vvKub75bcjWgbkzfJkA5jDCUWZYtdU:P8Ecq1+TtIiFGvvB5IjWqkz//mZMd

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  RLCollector.exe
- Size
  
  8.7MB
- MD5
  
  f4f1125b23f0da920b8f6a874e5f4261
- SHA1
  
  567b5e18568dcb267b8f62b15817f3c509e735a5
- SHA256
  
  02a1b3a370aed1de7126813e607429b7343449bb0451205da419a715be5e513e
- SHA512
  
  3f0d4840065e752479cce03176e1c9546a3bf7c9ee85e894eaa441be985138d0361109eed715931e038660603e9f60bf2bf572f3289baacada0958db8483dfd1
- SSDEEP
  
  196608:XVh86RrlqBA1HeT39Iigw/+vvKub75bcjWgbkzfJkA5jDCUWZYtdU:P8Ecq1+TtIiFGvvB5IjWqkz//mZMd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1