496b7707e779c1aa2d22954037f5df17a0e528f4f3e97f89cbf40c795c57e36c | Triage

Sharing

General

Target

ProAI Installer.exe
Size

51.5MB
Sample

240921-1zgzjawgkn
MD5

22d0e2d0845b6eddb9d894448f7e3ed3
SHA1

80e6c96edeb4c4677e0bee2cf659e0a81eaf2bc2
SHA256

496b7707e779c1aa2d22954037f5df17a0e528f4f3e97f89cbf40c795c57e36c
SHA512

73d5564fb6d8686a7068962a6743f927fa4f246d0d0fa4fe36418bee10a490151a62e32a9d75f3cf24bcf4d15c2fd5c5d4bc467730c915c21d63b160cc5bbc11
SSDEEP

1572864:HmrYamSMSqfgGXMMwTrqqp9rVeZjjuB7Npd3Xo:Gr1mv9fgYo3p9Z2KjX

Score

8^/10

execution

Malware Config

Targets

- Target
  
  ProAI Installer.exe
- Size
  
  51.5MB
- MD5
  
  22d0e2d0845b6eddb9d894448f7e3ed3
- SHA1
  
  80e6c96edeb4c4677e0bee2cf659e0a81eaf2bc2
- SHA256
  
  496b7707e779c1aa2d22954037f5df17a0e528f4f3e97f89cbf40c795c57e36c
- SHA512
  
  73d5564fb6d8686a7068962a6743f927fa4f246d0d0fa4fe36418bee10a490151a62e32a9d75f3cf24bcf4d15c2fd5c5d4bc467730c915c21d63b160cc5bbc11
- SSDEEP
  
  1572864:HmrYamSMSqfgGXMMwTrqqp9rVeZjjuB7Npd3Xo:Gr1mv9fgYo3p9Z2KjX
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2