8ef16d53048177e8d3084bb8bbc4c1f7f291b56d25e15f6523aab7712805856e | Triage

Sharing

General

Target

NEAS.fa35b2daeea4893c39c7757406645af0.exe
Size

473KB
Sample

231022-v481xsda27
MD5

fa35b2daeea4893c39c7757406645af0
SHA1

5a4db2dfa8b4065ec4a07eac157d9d0b9c6609a7
SHA256

8ef16d53048177e8d3084bb8bbc4c1f7f291b56d25e15f6523aab7712805856e
SHA512

a24a57ea24a1751bed2186c267190ecc18feefed2419a94566d7839b8034fa6fe9c695a4b0de7bbf73bb6486d857eb61016733f2cca93238dd305bee7f23edf1
SSDEEP

1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAVC+++6:yJOfQm01mxyXHZKG7pm6j77C

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  NEAS.fa35b2daeea4893c39c7757406645af0.exe
- Size
  
  473KB
- MD5
  
  fa35b2daeea4893c39c7757406645af0
- SHA1
  
  5a4db2dfa8b4065ec4a07eac157d9d0b9c6609a7
- SHA256
  
  8ef16d53048177e8d3084bb8bbc4c1f7f291b56d25e15f6523aab7712805856e
- SHA512
  
  a24a57ea24a1751bed2186c267190ecc18feefed2419a94566d7839b8034fa6fe9c695a4b0de7bbf73bb6486d857eb61016733f2cca93238dd305bee7f23edf1
- SSDEEP
  
  1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAVC+++6:yJOfQm01mxyXHZKG7pm6j77C
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2