a8a95e78ee03b1f131f6f70e7627e1f248403d57b98303573e33cde1c516f9a2 | Triage

Sharing

General

Target

NEAS.3c9a4983efde5167322c52ec88602c90.exe
Size

520KB
Sample

231022-vt6g2scg8w
MD5

3c9a4983efde5167322c52ec88602c90
SHA1

a960d71f5f850c0bc763c6f9ca1b7f9ea87bae4e
SHA256

a8a95e78ee03b1f131f6f70e7627e1f248403d57b98303573e33cde1c516f9a2
SHA512

5abb5fb7736f226ead95515cb15bdb58563e0fff3f4423de3f03a9c8b8e010fec617f3534c469eff6f208d5d33fbe9a19c9177b1b04e8a0924ddac0cc79f707c
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxj:dqDAwl0xPTMiR9JSSxPUKYGdodHa

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.3c9a4983efde5167322c52ec88602c90.exe
- Size
  
  520KB
- MD5
  
  3c9a4983efde5167322c52ec88602c90
- SHA1
  
  a960d71f5f850c0bc763c6f9ca1b7f9ea87bae4e
- SHA256
  
  a8a95e78ee03b1f131f6f70e7627e1f248403d57b98303573e33cde1c516f9a2
- SHA512
  
  5abb5fb7736f226ead95515cb15bdb58563e0fff3f4423de3f03a9c8b8e010fec617f3534c469eff6f208d5d33fbe9a19c9177b1b04e8a0924ddac0cc79f707c
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxj:dqDAwl0xPTMiR9JSSxPUKYGdodHa
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2