aac8d768db4c7d6cdd0e17855b0e325780f5a5a6d38f6a6e14b5be48336b32b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d867ce165459c6ac5bd109c7ad1b9560.exe
Size

2.8MB
Sample

231013-zjc5zahd8v
MD5

d867ce165459c6ac5bd109c7ad1b9560
SHA1

f85c4fcbf8d80714eb2c32914dd81ff569f62192
SHA256

aac8d768db4c7d6cdd0e17855b0e325780f5a5a6d38f6a6e14b5be48336b32b1
SHA512

c15dc0469899a9d4afa1a25bdbba3e12ce2ce123aafffbee0842991e013750a7923bc086a2849c0871b501ceeebe996c637c8f84f684836edf8997c08c9978ba
SSDEEP

49152:tylFHUv6ReIt0jSrOogENXwu3qCqtKBjJj4B7hZIq7T94gcIFwxgo/:0lFHU85t0jS/gENAu6ChJjA7hZIq7T9Y

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.d867ce165459c6ac5bd109c7ad1b9560.exe
- Size
  
  2.8MB
- MD5
  
  d867ce165459c6ac5bd109c7ad1b9560
- SHA1
  
  f85c4fcbf8d80714eb2c32914dd81ff569f62192
- SHA256
  
  aac8d768db4c7d6cdd0e17855b0e325780f5a5a6d38f6a6e14b5be48336b32b1
- SHA512
  
  c15dc0469899a9d4afa1a25bdbba3e12ce2ce123aafffbee0842991e013750a7923bc086a2849c0871b501ceeebe996c637c8f84f684836edf8997c08c9978ba
- SSDEEP
  
  49152:tylFHUv6ReIt0jSrOogENXwu3qCqtKBjJj4B7hZIq7T94gcIFwxgo/:0lFHU85t0jS/gENAu6ChJjA7hZIq7T9Y
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2