8770f219595aca6b7868da6d0a477848df06603c4b7367c0d65f1a4de7cd2eb8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8770f219595aca6b7868da6d0a477848df06603c4b7367c0d65f1a4de7cd2eb8
Size

6.7MB
Sample

240811-18rv4a1fjj
MD5

03c86a4fc9cb97034c0a7e315ca1cc0e
SHA1

2c12bb941c83fc632f443325ec7d9647acb5917b
SHA256

8770f219595aca6b7868da6d0a477848df06603c4b7367c0d65f1a4de7cd2eb8
SHA512

f352b6c88f8ea7d28b709aa150797d2030a0f96ac64e6f4ce8fd408ce83aadc94f269e497547e07ba52c6c18c49c9fc0121739cc331deac10dc5e0b277ba4b99
SSDEEP

98304:g65UKnCmhigEPs/+M516NCDZfnLJ+lBPDYLEQJT4cIcDBqOXsLQ02Z/qgpOb4ao:gd+rig+sWM5ECDZF+D6EQx2O8UNpOb7o

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8770f219595aca6b7868da6d0a477848df06603c4b7367c0d65f1a4de7cd2eb8
- Size
  
  6.7MB
- MD5
  
  03c86a4fc9cb97034c0a7e315ca1cc0e
- SHA1
  
  2c12bb941c83fc632f443325ec7d9647acb5917b
- SHA256
  
  8770f219595aca6b7868da6d0a477848df06603c4b7367c0d65f1a4de7cd2eb8
- SHA512
  
  f352b6c88f8ea7d28b709aa150797d2030a0f96ac64e6f4ce8fd408ce83aadc94f269e497547e07ba52c6c18c49c9fc0121739cc331deac10dc5e0b277ba4b99
- SSDEEP
  
  98304:g65UKnCmhigEPs/+M516NCDZfnLJ+lBPDYLEQJT4cIcDBqOXsLQ02Z/qgpOb4ao:gd+rig+sWM5ECDZF+D6EQx2O8UNpOb7o
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMP/{416EFCF5-47DC-49B8-9392-AE29034365FE}/ACDSeeProInstaller.exe
- Size
  
  5.0MB
- MD5
  
  aadd56a729e970a81249f031240d0d6f
- SHA1
  
  a44dafc342f0d26e679e2f71213f5fbfc36e7006
- SHA256
  
  628951fa0bf404c7d4ef365dd34eff8209f6b17fda5b9674ca85fcc4fa73b314
- SHA512
  
  efd4996a1a88e59803e168d6613b57dab5e81f1478d07e028b07203d76d48c56979782967f3f2b9414d0a94798bf8c6d9b93477eeab0f1d950d1e9827c95e957
- SSDEEP
  
  98304:8L3VBid7vs2RJQcL5xFLOAkGkzdnEVomFHKnPN:QaB9L3FLOyomFHKnPN
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6