58b266f3a05c772fef1219b90bbf04005bb2a0bf2895e705fff51d325cfc6333 | Triage

Sharing

General

Target

NEAS.bf938404647d8b925cb7bac8a2a31100.exe
Size

42KB
Sample

231013-zeqv9shc42
MD5

bf938404647d8b925cb7bac8a2a31100
SHA1

eb6f3f0303a05df84231e61d8d8b48c8683418e6
SHA256

58b266f3a05c772fef1219b90bbf04005bb2a0bf2895e705fff51d325cfc6333
SHA512

82f56338e3a96a6e0695610d07bc878589b253c6c02fd17617267a7778db85b66ff1685c1e56ccf59134099e2bd7db5df2ae22b4bf39ce2722beb4b7cb6fece6
SSDEEP

384:/opQWRIg8e+6fiXYg2OsalJOmgRIeLgJgokxjBDu+4tBz0clZep9:/0hRvmJOmg6eQgtlCjzzep9

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.bf938404647d8b925cb7bac8a2a31100.exe
- Size
  
  42KB
- MD5
  
  bf938404647d8b925cb7bac8a2a31100
- SHA1
  
  eb6f3f0303a05df84231e61d8d8b48c8683418e6
- SHA256
  
  58b266f3a05c772fef1219b90bbf04005bb2a0bf2895e705fff51d325cfc6333
- SHA512
  
  82f56338e3a96a6e0695610d07bc878589b253c6c02fd17617267a7778db85b66ff1685c1e56ccf59134099e2bd7db5df2ae22b4bf39ce2722beb4b7cb6fece6
- SSDEEP
  
  384:/opQWRIg8e+6fiXYg2OsalJOmgRIeLgJgokxjBDu+4tBz0clZep9:/0hRvmJOmg6eQgtlCjzzep9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2