d5f7e313d9a32c90e0f5497bfa10de237335e646609e2cf96e07ed5731123053 | Triage

Sharing

General

Target

NEAS.273b3cbe73a8c3c97ca1c8da6c6b4ba0.exe
Size

537KB
Sample

231022-vs31jacb4y
MD5

273b3cbe73a8c3c97ca1c8da6c6b4ba0
SHA1

c80a611f5cdd91b32464c42f83825137c95cdfc1
SHA256

d5f7e313d9a32c90e0f5497bfa10de237335e646609e2cf96e07ed5731123053
SHA512

cacaacb5d88f33a6daf8c45972968602dda8afd3b410b3a5e37ca1e12d3a09851fd4ae14ef767a88e5cf1fbe8295ce16549c697d00b387f36c181f26a3591dbd
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxY:wqDAwl0xPTMiR9JSSxPUKYGdodHn

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.273b3cbe73a8c3c97ca1c8da6c6b4ba0.exe
- Size
  
  537KB
- MD5
  
  273b3cbe73a8c3c97ca1c8da6c6b4ba0
- SHA1
  
  c80a611f5cdd91b32464c42f83825137c95cdfc1
- SHA256
  
  d5f7e313d9a32c90e0f5497bfa10de237335e646609e2cf96e07ed5731123053
- SHA512
  
  cacaacb5d88f33a6daf8c45972968602dda8afd3b410b3a5e37ca1e12d3a09851fd4ae14ef767a88e5cf1fbe8295ce16549c697d00b387f36c181f26a3591dbd
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxY:wqDAwl0xPTMiR9JSSxPUKYGdodHn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2