c982f30d794de0edf8b04440599ef3e85db1c3a10a6e2c25c3bdd901ff23a75d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1038066500dfe6bd223788bc53ec6c70_JC.exe
Size

36KB
Sample

231013-xcswqsfc47
MD5

1038066500dfe6bd223788bc53ec6c70
SHA1

ee34fce0f72a9cf6ae78efc8ddabd595bc73ed9d
SHA256

c982f30d794de0edf8b04440599ef3e85db1c3a10a6e2c25c3bdd901ff23a75d
SHA512

d11e9400ecdeb95227ee86587410a13af008d5b610bd52a65477832aa9705904cab1eb1aee30c929990e0635af0daa26e722f764bec03c874302187c16c7e819
SSDEEP

384:d/7HWFJ4a1oXAsOTMcMJEfQVXQNKN2NDX/3LoWOatcAr9JncAm9FNTnOsxU/tG6p:dD2oV2AJblQRNLzFrSNTnOAUVGRS

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.1038066500dfe6bd223788bc53ec6c70_JC.exe
- Size
  
  36KB
- MD5
  
  1038066500dfe6bd223788bc53ec6c70
- SHA1
  
  ee34fce0f72a9cf6ae78efc8ddabd595bc73ed9d
- SHA256
  
  c982f30d794de0edf8b04440599ef3e85db1c3a10a6e2c25c3bdd901ff23a75d
- SHA512
  
  d11e9400ecdeb95227ee86587410a13af008d5b610bd52a65477832aa9705904cab1eb1aee30c929990e0635af0daa26e722f764bec03c874302187c16c7e819
- SSDEEP
  
  384:d/7HWFJ4a1oXAsOTMcMJEfQVXQNKN2NDX/3LoWOatcAr9JncAm9FNTnOsxU/tG6p:dD2oV2AJblQRNLzFrSNTnOAUVGRS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2