a3ff7f8e7fd1b78a3a749d7c82aa5801b84039ecd3412aeb2977ac2c18f8c5f7 | Triage

Sharing

General

Target

NEAS.a87ea00d6755e7fb9884e3ceec1aa95c_JC.exe
Size

609KB
Sample

231010-xzacxaab97
MD5

a87ea00d6755e7fb9884e3ceec1aa95c
SHA1

f52bea31452b438a7fbfd7b7cb92bf27656b2aa7
SHA256

a3ff7f8e7fd1b78a3a749d7c82aa5801b84039ecd3412aeb2977ac2c18f8c5f7
SHA512

ac49d0a6fc6480287fb694e0eb4a204253259e5a006ff9572f50ea7a32995542d33d57e56a2fdf6e2bad083d2466ff527c7ad98e5f9442d3a9bcb10b1899dc3b
SSDEEP

3072:+CaoAs101Pol0xPTM7mRCAdJSSxPUkl3VqMQTCk/dN92sdNhavtrVdewnAx3wmV+:+qDAwl0xPTMiR9JSSxPUKadodHZTD

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.a87ea00d6755e7fb9884e3ceec1aa95c_JC.exe
- Size
  
  609KB
- MD5
  
  a87ea00d6755e7fb9884e3ceec1aa95c
- SHA1
  
  f52bea31452b438a7fbfd7b7cb92bf27656b2aa7
- SHA256
  
  a3ff7f8e7fd1b78a3a749d7c82aa5801b84039ecd3412aeb2977ac2c18f8c5f7
- SHA512
  
  ac49d0a6fc6480287fb694e0eb4a204253259e5a006ff9572f50ea7a32995542d33d57e56a2fdf6e2bad083d2466ff527c7ad98e5f9442d3a9bcb10b1899dc3b
- SSDEEP
  
  3072:+CaoAs101Pol0xPTM7mRCAdJSSxPUkl3VqMQTCk/dN92sdNhavtrVdewnAx3wmV+:+qDAwl0xPTMiR9JSSxPUKadodHZTD
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2