dd3b16c4bfe6fa454e0ad084fd5d6b2ca9a3ea2a864bd936c1ecfaa19d766470 | Triage

Sharing

General

Target

NEAS.0db29980881e62286a89d39d0b36d6a0_JC.exe
Size

732KB
Sample

231014-pa4lfsdg4y
MD5

0db29980881e62286a89d39d0b36d6a0
SHA1

cdabf677d70e232a700922b8355b19377de3a69d
SHA256

dd3b16c4bfe6fa454e0ad084fd5d6b2ca9a3ea2a864bd936c1ecfaa19d766470
SHA512

8bf383fba13f9c487dd05fd4ee52216a3a46818240d1499b2a4baf5b91bdac7c4721a443192755609b8a893fb61ef055e6450e9bb230127effeb70039520bc28
SSDEEP

6144:2BDHmrz4niNy8o3Zp/TWt+g4RQTDUBO8/2vh+ziDV8m56TBac2Guo:wDHmoniNy8L8g4RgoBO8/2vhDX56TD

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.0db29980881e62286a89d39d0b36d6a0_JC.exe
- Size
  
  732KB
- MD5
  
  0db29980881e62286a89d39d0b36d6a0
- SHA1
  
  cdabf677d70e232a700922b8355b19377de3a69d
- SHA256
  
  dd3b16c4bfe6fa454e0ad084fd5d6b2ca9a3ea2a864bd936c1ecfaa19d766470
- SHA512
  
  8bf383fba13f9c487dd05fd4ee52216a3a46818240d1499b2a4baf5b91bdac7c4721a443192755609b8a893fb61ef055e6450e9bb230127effeb70039520bc28
- SSDEEP
  
  6144:2BDHmrz4niNy8o3Zp/TWt+g4RQTDUBO8/2vh+ziDV8m56TBac2Guo:wDHmoniNy8L8g4RgoBO8/2vhDX56TD
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2