102dd3c800cb047fa756197d7253a7088d267ea3ac1a37663345d0f1628a677f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ExLoader_Installer.rar
Size

21.5MB
Sample

240824-mkzddaxeqq
MD5

3298935788df507adad3a5f0d26de538
SHA1

55ce829d15f119acb0e093d17defdbe89f2d775c
SHA256

102dd3c800cb047fa756197d7253a7088d267ea3ac1a37663345d0f1628a677f
SHA512

875dde457325a940a47a418be925a71f95ea89e175fe3d414e3b94c5a8e40dcff3e546c1454b77396c61697cea9107716cf17f527c621f29f90e3562e755a25b
SSDEEP

393216:qGrqCBYvMbgchnYOXztJJ6aZQRneffqpLWvnuvAmJuPPWppAmHFsxH4WMePbDN5X:zrqXUbgcJxtJsaaRafvn2B5A0CYdgvNl

Score

7^/10

Malware Config

Targets

- Target
  
  ExLoader_Installer.exe
- Size
  
  21.5MB
- MD5
  
  12be4d0a31f72a573a5a7040f8bd7222
- SHA1
  
  6204a09bf6312deb859a0c3c17fb7cdea478837f
- SHA256
  
  72f3e80d2de369de215ee50cc0bd2f9dc3405e75e0d4553637560ce75198339e
- SHA512
  
  228f59e0d10328486d540784e2260f99d20efa26370a9634ef5ccde79ef237bb93778a3746b96cc47ba75ba4e8c94f3bb48136b1a6a1d65963b143abd24a8832
- SSDEEP
  
  393216:1GHmVApOQNbTycz8RDsQJURbdrxaJy3lN+H0//goYI4q9qEME9CRd4tczuBH:gHDhfo3SRbQyH60woyuBzCsh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2