833f43b68b613a3c381ad2788a5c4ef2f27b9ade88a9b4cf7ff2435dd8347700 | Triage

Sharing

General

Target

NEAS.120e6c75086c7dfcec1367c854e40510_JC.exe
Size

550KB
Sample

231014-p5n49agc44
MD5

120e6c75086c7dfcec1367c854e40510
SHA1

7f6eaf55b272cca10dfa0c4577991fa80ee12256
SHA256

833f43b68b613a3c381ad2788a5c4ef2f27b9ade88a9b4cf7ff2435dd8347700
SHA512

357bca15f2dc9d1da54fea5e77490ba25f0867ccf48a1eb3fd56063817d4344c681242b7d59155f36a1365fc6304c49920ea6e20a2dfa14a44463965c251df86
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxF:dqDAwl0xPTMiR9JSSxPUKYGdodHTi

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.120e6c75086c7dfcec1367c854e40510_JC.exe
- Size
  
  550KB
- MD5
  
  120e6c75086c7dfcec1367c854e40510
- SHA1
  
  7f6eaf55b272cca10dfa0c4577991fa80ee12256
- SHA256
  
  833f43b68b613a3c381ad2788a5c4ef2f27b9ade88a9b4cf7ff2435dd8347700
- SHA512
  
  357bca15f2dc9d1da54fea5e77490ba25f0867ccf48a1eb3fd56063817d4344c681242b7d59155f36a1365fc6304c49920ea6e20a2dfa14a44463965c251df86
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxF:dqDAwl0xPTMiR9JSSxPUKYGdodHTi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2