bc994186509994a689f1a0650f3b39c6c968e0ebe57b987b61c195f34ace8cbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.29ea70c6b003853527444013076447d0_JC.exe
Size

867KB
Sample

231016-wk9nsada83
MD5

29ea70c6b003853527444013076447d0
SHA1

4e5ed56691dd52d985f503220efbef2fee0684d2
SHA256

bc994186509994a689f1a0650f3b39c6c968e0ebe57b987b61c195f34ace8cbd
SHA512

7ff7ed1e71717a4cc0e6c657d2e730c92159c5030c42b5f7fa54547222c8ceb39f14cae09c128c60dc3757df20c7fdaf82fb1eff47a500b99aa916a9e4474aa3
SSDEEP

12288:d+67XR9JSSxvYGdodHEDQ4LWfxWmZcazAii49Xoab2f:d+6N986Y7F8

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.29ea70c6b003853527444013076447d0_JC.exe
- Size
  
  867KB
- MD5
  
  29ea70c6b003853527444013076447d0
- SHA1
  
  4e5ed56691dd52d985f503220efbef2fee0684d2
- SHA256
  
  bc994186509994a689f1a0650f3b39c6c968e0ebe57b987b61c195f34ace8cbd
- SHA512
  
  7ff7ed1e71717a4cc0e6c657d2e730c92159c5030c42b5f7fa54547222c8ceb39f14cae09c128c60dc3757df20c7fdaf82fb1eff47a500b99aa916a9e4474aa3
- SSDEEP
  
  12288:d+67XR9JSSxvYGdodHEDQ4LWfxWmZcazAii49Xoab2f:d+6N986Y7F8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2