b9ce189d562462ce0a50d35f7e8f336fa88a5b8782c917724dd991a55e8a3162 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6dd8969aa64e1fdcf1c18c6d97078e70.exe
Size

649KB
Sample

231013-y8gzsacg57
MD5

6dd8969aa64e1fdcf1c18c6d97078e70
SHA1

457fe079a59528d01d37023555ecd60285a0f0e3
SHA256

b9ce189d562462ce0a50d35f7e8f336fa88a5b8782c917724dd991a55e8a3162
SHA512

e749e0c98c6180697957ecaa5d6d8e9140dfb00bfe2a04ae783d5f8f9b661d3d1054aaa5dc379392eaabe5ae8fa73b6250689cb72b024489e4c12dbdc1984d46
SSDEEP

12288:w+67XR9JSSxvYGdodHDusQHNd1KidKjttRYLwz:w+6N986Y7DusQHNd1KidKjttRYLwz

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.6dd8969aa64e1fdcf1c18c6d97078e70.exe
- Size
  
  649KB
- MD5
  
  6dd8969aa64e1fdcf1c18c6d97078e70
- SHA1
  
  457fe079a59528d01d37023555ecd60285a0f0e3
- SHA256
  
  b9ce189d562462ce0a50d35f7e8f336fa88a5b8782c917724dd991a55e8a3162
- SHA512
  
  e749e0c98c6180697957ecaa5d6d8e9140dfb00bfe2a04ae783d5f8f9b661d3d1054aaa5dc379392eaabe5ae8fa73b6250689cb72b024489e4c12dbdc1984d46
- SSDEEP
  
  12288:w+67XR9JSSxvYGdodHDusQHNd1KidKjttRYLwz:w+6N986Y7DusQHNd1KidKjttRYLwz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2