c7ee33459a02ca11d80e6e95e990c4f7d4c69da1ee2fcb3bf54a5b3e2ea71729 | Triage

Sharing

General

Target

NEAS.3899a4b53c4f9b24cf658f8734040b60.exe
Size

538KB
Sample

231016-wxap8acb5t
MD5

3899a4b53c4f9b24cf658f8734040b60
SHA1

c1ce4f9a3329e82abc9ebd16413ca541fce96f74
SHA256

c7ee33459a02ca11d80e6e95e990c4f7d4c69da1ee2fcb3bf54a5b3e2ea71729
SHA512

488bd857725a5bb068e8577f62ce135d5b6b513309356a72734538757ffdeedbfe93f87101bec0e175daeb166d21dc78496c07a454499c2fd1eb2d1841e56cc2
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxs:dqDAwl0xPTMiR9JSSxPUKYGdodHV

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.3899a4b53c4f9b24cf658f8734040b60.exe
- Size
  
  538KB
- MD5
  
  3899a4b53c4f9b24cf658f8734040b60
- SHA1
  
  c1ce4f9a3329e82abc9ebd16413ca541fce96f74
- SHA256
  
  c7ee33459a02ca11d80e6e95e990c4f7d4c69da1ee2fcb3bf54a5b3e2ea71729
- SHA512
  
  488bd857725a5bb068e8577f62ce135d5b6b513309356a72734538757ffdeedbfe93f87101bec0e175daeb166d21dc78496c07a454499c2fd1eb2d1841e56cc2
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxs:dqDAwl0xPTMiR9JSSxPUKYGdodHV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2