General

  • Target

    NEAS.1294e7b64fca2e6fe25057db354636f0.exe

  • Size

    105KB

  • Sample

    231021-z25ypscf25

  • MD5

    1294e7b64fca2e6fe25057db354636f0

  • SHA1

    ca80b6f160042891f02c5c5a8617eebb6562d55f

  • SHA256

    82d54ea469d82a08688ef4980b65096301c7fed5f2e492c11418893578635d67

  • SHA512

    04a840519b67350e5c17de6469fdfb12c835b910f1dbc66b4de58234f2cd0792979baa813701394f9885d312548448f02b2240182dd7cc9b765fe6b321b708ca

  • SSDEEP

    1536:qOPhlosUoAarDX1JJUYrBM6L3K2q1LdNVylcc6qHHJJXu2e:qOPlfJJXBM6L3KVJdNgmWLXu2e

Score
7/10

Targets

    • Target

      NEAS.1294e7b64fca2e6fe25057db354636f0.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
