d696a5254cf1e25d7961a84cc863bcccb2b25dff378b76836fe88ca613bf8924 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2144db584de9a7ed7d01298a98bd8310_JC.exe
Size

524KB
Sample

231016-vc8wvaaf4t
MD5

2144db584de9a7ed7d01298a98bd8310
SHA1

d6615b36cc1857e439ea2329a75bd1d7d9257a54
SHA256

d696a5254cf1e25d7961a84cc863bcccb2b25dff378b76836fe88ca613bf8924
SHA512

565f443dcb063f227d9533ca4cfcece088c1f2d3a66c451ca03c0d5edfbd870a8c988739d16b1dabcdf9ca871cbe34db67e908a756ebec5ed451a94d88e52da2
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxV:wqDAwl0xPTMiR9JSSxPUKYGdodHU

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2144db584de9a7ed7d01298a98bd8310_JC.exe
- Size
  
  524KB
- MD5
  
  2144db584de9a7ed7d01298a98bd8310
- SHA1
  
  d6615b36cc1857e439ea2329a75bd1d7d9257a54
- SHA256
  
  d696a5254cf1e25d7961a84cc863bcccb2b25dff378b76836fe88ca613bf8924
- SHA512
  
  565f443dcb063f227d9533ca4cfcece088c1f2d3a66c451ca03c0d5edfbd870a8c988739d16b1dabcdf9ca871cbe34db67e908a756ebec5ed451a94d88e52da2
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxV:wqDAwl0xPTMiR9JSSxPUKYGdodHU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2