b8849211b47e779bda9d5a7ad785e05bad1e9408a19c41e77a3e68e572b0db0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.097413ca0296c2aa6546c4a6423be270_JC.exe
Size

23KB
Sample

231011-twdz5shh8s
MD5

097413ca0296c2aa6546c4a6423be270
SHA1

9af568e30358e3d67fad5bd1a9eb47addf413d33
SHA256

b8849211b47e779bda9d5a7ad785e05bad1e9408a19c41e77a3e68e572b0db0c
SHA512

10932af0535de2a5815cd4986b0aafba2b50a5f20c7e853a9f811fc7024c0978fb390eb655e1725a15f0ac53c93f93b580e0edf7ed9ecadcfdb327f4a0b95c95
SSDEEP

384:OlEhuYwzOQpf2XTM+L8X/SPFDNuDlg0NYVCmONEhU5WD2blzCm:phuYmOOi5LKSpNuDlVmONryIlzCm

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.097413ca0296c2aa6546c4a6423be270_JC.exe
- Size
  
  23KB
- MD5
  
  097413ca0296c2aa6546c4a6423be270
- SHA1
  
  9af568e30358e3d67fad5bd1a9eb47addf413d33
- SHA256
  
  b8849211b47e779bda9d5a7ad785e05bad1e9408a19c41e77a3e68e572b0db0c
- SHA512
  
  10932af0535de2a5815cd4986b0aafba2b50a5f20c7e853a9f811fc7024c0978fb390eb655e1725a15f0ac53c93f93b580e0edf7ed9ecadcfdb327f4a0b95c95
- SSDEEP
  
  384:OlEhuYwzOQpf2XTM+L8X/SPFDNuDlg0NYVCmONEhU5WD2blzCm:phuYmOOi5LKSpNuDlVmONryIlzCm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2