15c19bc622893f73d7e09bb4e64a4a342c2cb7ef78633551720353d85816f372 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.afea5ce6f395fe427f84d503208587f0_JC.exe
Size

539KB
Sample

231009-twn54sgd98
MD5

afea5ce6f395fe427f84d503208587f0
SHA1

6a0a6ee77d044f352d7669586aeeae908b910d93
SHA256

15c19bc622893f73d7e09bb4e64a4a342c2cb7ef78633551720353d85816f372
SHA512

96a7dfe7e7bad27e3162d298203ea00abdba6e53b0ced3c86b0b59a7963c69c2b69daef99dfb748e98f33000f7f0b00e6a45ce6a06f71e04def234512e4c15ad
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxi:dqDAwl0xPTMiR9JSSxPUKYGdodH/

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.afea5ce6f395fe427f84d503208587f0_JC.exe
- Size
  
  539KB
- MD5
  
  afea5ce6f395fe427f84d503208587f0
- SHA1
  
  6a0a6ee77d044f352d7669586aeeae908b910d93
- SHA256
  
  15c19bc622893f73d7e09bb4e64a4a342c2cb7ef78633551720353d85816f372
- SHA512
  
  96a7dfe7e7bad27e3162d298203ea00abdba6e53b0ced3c86b0b59a7963c69c2b69daef99dfb748e98f33000f7f0b00e6a45ce6a06f71e04def234512e4c15ad
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxi:dqDAwl0xPTMiR9JSSxPUKYGdodH/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2