ae115eb5f61f0c56ca5d560db35b86ec2ba17b11146cba14918a6d415ebc25e4 | Triage

Sharing

General

Target

ae115eb5f61f0c56ca5d560db35b86ec2ba17b11146cba14918a6d415ebc25e4
Size

603KB
Sample

250120-k3897a1rfz
MD5

65c3bc8fc03d26bde45ad3f119fc69f1
SHA1

1d4ef5909df6d3ac6b5234c9366ca2dc1673bc71
SHA256

ae115eb5f61f0c56ca5d560db35b86ec2ba17b11146cba14918a6d415ebc25e4
SHA512

24c5f809dec055ecd6d2a6ef40d6fac593680b469ad4e2bed9fa9ccd9d5d4ee7a873bef7d2ed1433d3289438e616c61dd28fab8de0592d54e431b0c7ec68bcfc
SSDEEP

3072:hCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VqMQTCk/dN92sdNhavtrVdewnAx3wmVW:hqDAwl0xPTMiR9JSSxPUKadodH6XhO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ae115eb5f61f0c56ca5d560db35b86ec2ba17b11146cba14918a6d415ebc25e4
- Size
  
  603KB
- MD5
  
  65c3bc8fc03d26bde45ad3f119fc69f1
- SHA1
  
  1d4ef5909df6d3ac6b5234c9366ca2dc1673bc71
- SHA256
  
  ae115eb5f61f0c56ca5d560db35b86ec2ba17b11146cba14918a6d415ebc25e4
- SHA512
  
  24c5f809dec055ecd6d2a6ef40d6fac593680b469ad4e2bed9fa9ccd9d5d4ee7a873bef7d2ed1433d3289438e616c61dd28fab8de0592d54e431b0c7ec68bcfc
- SSDEEP
  
  3072:hCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VqMQTCk/dN92sdNhavtrVdewnAx3wmVW:hqDAwl0xPTMiR9JSSxPUKadodH6XhO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2