e42160073f60e26fd2b0ba761b4e0b98c60b27fdce68fc839cccfdd5732c497a | Triage

Sharing

General

Target

NEAS.4430be82a353203babc9a38ea933ec20.exe
Size

45KB
Sample

231013-yz3vwsgg6t
MD5

4430be82a353203babc9a38ea933ec20
SHA1

c508fc1b948bc1076bcbaf0da69fb5925a009f0a
SHA256

e42160073f60e26fd2b0ba761b4e0b98c60b27fdce68fc839cccfdd5732c497a
SHA512

43547b414c49dbf545c98ad9a14728a2bd2c23c760a85a2a65e703bf17e8172e652517e99feb19af8d6cfbc580c1d56dedb91c1b06ec89edc51b72babe4216df
SSDEEP

384:nJpVOCUtDqYCfRgGW6DBi9+eY77Ybrvgp5E9fWWq53txEXM/Y:nJTOtFqRfqGW6N4g71pu9fWWq53ET

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.4430be82a353203babc9a38ea933ec20.exe
- Size
  
  45KB
- MD5
  
  4430be82a353203babc9a38ea933ec20
- SHA1
  
  c508fc1b948bc1076bcbaf0da69fb5925a009f0a
- SHA256
  
  e42160073f60e26fd2b0ba761b4e0b98c60b27fdce68fc839cccfdd5732c497a
- SHA512
  
  43547b414c49dbf545c98ad9a14728a2bd2c23c760a85a2a65e703bf17e8172e652517e99feb19af8d6cfbc580c1d56dedb91c1b06ec89edc51b72babe4216df
- SSDEEP
  
  384:nJpVOCUtDqYCfRgGW6DBi9+eY77Ybrvgp5E9fWWq53txEXM/Y:nJTOtFqRfqGW6N4g71pu9fWWq53ET
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2