General
-
Target
NEAS.0c27c301c4175a8edfd2e116b16f41c0_JC.exe
-
Size
424KB
-
Sample
231012-whpktshe52
-
MD5
0c27c301c4175a8edfd2e116b16f41c0
-
SHA1
61af7180cb86be566c2099f9d657c4b225a75ca4
-
SHA256
1102ad15a84f32ac874383c808df23e29654f35bcae7df1aab0150e1708a3fa6
-
SHA512
129af3914d9d8b7667fa701616ff28ca0e3647b34450dd1b9a35fb4c851ea21421d97d80e45f7a23b6e18d161ec9d4bcb33ba2009b16e1f3418f177748ff2000
-
SSDEEP
6144:gDCwfG1bnxLEDrDCwfG1bnxLEDfKnydFb4YMIwT:g72bntEDr72bntEDSydjMLT
Malware Config
Targets
-
-
Target
NEAS.0c27c301c4175a8edfd2e116b16f41c0_JC.exe
-
Size
424KB
-
MD5
0c27c301c4175a8edfd2e116b16f41c0
-
SHA1
61af7180cb86be566c2099f9d657c4b225a75ca4
-
SHA256
1102ad15a84f32ac874383c808df23e29654f35bcae7df1aab0150e1708a3fa6
-
SHA512
129af3914d9d8b7667fa701616ff28ca0e3647b34450dd1b9a35fb4c851ea21421d97d80e45f7a23b6e18d161ec9d4bcb33ba2009b16e1f3418f177748ff2000
-
SSDEEP
6144:gDCwfG1bnxLEDrDCwfG1bnxLEDfKnydFb4YMIwT:g72bntEDr72bntEDSydjMLT
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-