b4919ff881c789de532dfa1bf3ece92dfb7cf49d1d7ae961dfdaf4cfe68d2659 | Triage

Sharing

General

Target

NEAS.ceb94cda69c5e27157208d9fff9a9d40.exe
Size

343KB
Sample

231013-zf4hrage3x
MD5

ceb94cda69c5e27157208d9fff9a9d40
SHA1

284a5277a4567bca9e3f231c91c6cb445f41d7ff
SHA256

b4919ff881c789de532dfa1bf3ece92dfb7cf49d1d7ae961dfdaf4cfe68d2659
SHA512

deb9e60035ccbbc3a1b5d41ef226e2fa83aa6a66a27533817ecb8a4602283844dbe1bb65ea297aa2f188b0b2e4b7d1dd58ec9e11e4fc70bb2b3e3eeab825879e
SSDEEP

6144:S5FrtlrIiswtAyxmbeoYRMHpeW+5GZhgNhHgwNWdVot:SHrtqi3trxg4uHJXZhgNhHg/dc

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.ceb94cda69c5e27157208d9fff9a9d40.exe
- Size
  
  343KB
- MD5
  
  ceb94cda69c5e27157208d9fff9a9d40
- SHA1
  
  284a5277a4567bca9e3f231c91c6cb445f41d7ff
- SHA256
  
  b4919ff881c789de532dfa1bf3ece92dfb7cf49d1d7ae961dfdaf4cfe68d2659
- SHA512
  
  deb9e60035ccbbc3a1b5d41ef226e2fa83aa6a66a27533817ecb8a4602283844dbe1bb65ea297aa2f188b0b2e4b7d1dd58ec9e11e4fc70bb2b3e3eeab825879e
- SSDEEP
  
  6144:S5FrtlrIiswtAyxmbeoYRMHpeW+5GZhgNhHgwNWdVot:SHrtqi3trxg4uHJXZhgNhHg/dc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2