24d633b67de85c90c5612def6fae851b0592803024d4a101d247d52d2ac812ef | Triage

Sharing

General

Target

NEAS.4abfaf19fd44f9b9ffc784aedfaefa60_JC.exe
Size

777KB
Sample

231023-xp6claeg76
MD5

4abfaf19fd44f9b9ffc784aedfaefa60
SHA1

2bf3a7fb295863ef3771649685495f3515dab34c
SHA256

24d633b67de85c90c5612def6fae851b0592803024d4a101d247d52d2ac812ef
SHA512

8f45cf155d7a9a19c127fc9adc1607cde639731fab6bd6675920d500c83b98d04633fe737ae6d1a26c5a40b83bc41a3ccc72b38696d510255613be3fe1496e2d
SSDEEP

12288:4aHc64R1888888888888W88888888888EK3Oe5hLdGoNn+74bx6rPIasN8pc68bW:f86KIKL0sGhszbevHUizQwzUAja6APyb

Score

8^/10

Malware Config

Targets

- Target
  
  NEAS.4abfaf19fd44f9b9ffc784aedfaefa60_JC.exe
- Size
  
  777KB
- MD5
  
  4abfaf19fd44f9b9ffc784aedfaefa60
- SHA1
  
  2bf3a7fb295863ef3771649685495f3515dab34c
- SHA256
  
  24d633b67de85c90c5612def6fae851b0592803024d4a101d247d52d2ac812ef
- SHA512
  
  8f45cf155d7a9a19c127fc9adc1607cde639731fab6bd6675920d500c83b98d04633fe737ae6d1a26c5a40b83bc41a3ccc72b38696d510255613be3fe1496e2d
- SSDEEP
  
  12288:4aHc64R1888888888888W88888888888EK3Oe5hLdGoNn+74bx6rPIasN8pc68bW:f86KIKL0sGhszbevHUizQwzUAja6APyb
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2