56813d303dad37f39e83bfb2f3ee06a200e1c1a8245c3c4e2d8ce4bcef061ac0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.07dff5e91610ee4062af466483952470_JC.exe
Size

25KB
Sample

231014-m1mphseg89
MD5

07dff5e91610ee4062af466483952470
SHA1

cc7f679c5cff4adfa687a811c6efcfe5f9d64169
SHA256

56813d303dad37f39e83bfb2f3ee06a200e1c1a8245c3c4e2d8ce4bcef061ac0
SHA512

09d392799f700bef2258a9eb44b70a9adde2d64388f6e86894f7c4fc3351a208dd58afd34b90628fdb345edfcdac195cc58c6fa1c47aa5aad68a1c78c127b107
SSDEEP

384:lrd1jR3l1cbELnrfjoRWw3KgXOXtYTcaEH5YAVbQ:NvasrfjGW47XyYTH+y5

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.07dff5e91610ee4062af466483952470_JC.exe
- Size
  
  25KB
- MD5
  
  07dff5e91610ee4062af466483952470
- SHA1
  
  cc7f679c5cff4adfa687a811c6efcfe5f9d64169
- SHA256
  
  56813d303dad37f39e83bfb2f3ee06a200e1c1a8245c3c4e2d8ce4bcef061ac0
- SHA512
  
  09d392799f700bef2258a9eb44b70a9adde2d64388f6e86894f7c4fc3351a208dd58afd34b90628fdb345edfcdac195cc58c6fa1c47aa5aad68a1c78c127b107
- SSDEEP
  
  384:lrd1jR3l1cbELnrfjoRWw3KgXOXtYTcaEH5YAVbQ:NvasrfjGW47XyYTH+y5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2