11d53bfe99e1cf04c9fc9dbf4fe839338d55ab7e80cb58becae8ee4134d52d81 | Triage

Sharing

General

Target

NEAS.a861969dbbcfd698714d04cc50ca50e0.exe
Size

740KB
Sample

231016-w6ny7sah87
MD5

a861969dbbcfd698714d04cc50ca50e0
SHA1

e8cb0922d05dfd1bb8f769ed78ad686032f5099a
SHA256

11d53bfe99e1cf04c9fc9dbf4fe839338d55ab7e80cb58becae8ee4134d52d81
SHA512

25f3eae0001366210bd23fa9584df59bcf96d3c317dc4986b625a76c55c263b707c850b1cd8d36d693b3b44e5b5d3a892758bed37f7009107c2ade172bb6090e
SSDEEP

6144:pqDAwl0xPTMiR9JSSxPUKYGdodH/baqE7Al8jk2jcbaqE7Al8jk2jH:p+67XR9JSSxvYGdodH/1CVc1CVH

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.a861969dbbcfd698714d04cc50ca50e0.exe
- Size
  
  740KB
- MD5
  
  a861969dbbcfd698714d04cc50ca50e0
- SHA1
  
  e8cb0922d05dfd1bb8f769ed78ad686032f5099a
- SHA256
  
  11d53bfe99e1cf04c9fc9dbf4fe839338d55ab7e80cb58becae8ee4134d52d81
- SHA512
  
  25f3eae0001366210bd23fa9584df59bcf96d3c317dc4986b625a76c55c263b707c850b1cd8d36d693b3b44e5b5d3a892758bed37f7009107c2ade172bb6090e
- SSDEEP
  
  6144:pqDAwl0xPTMiR9JSSxPUKYGdodH/baqE7Al8jk2jcbaqE7Al8jk2jH:p+67XR9JSSxvYGdodH/1CVc1CVH
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2