0eb5859ae0cbc574df922aeb4e1d57521a866cb197e86a1559e37f1b7c863986 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6a3d170cac382390bbd712d849d8f620.exe
Size

2.2MB
Sample

231028-ynbx2ahh35
MD5

6a3d170cac382390bbd712d849d8f620
SHA1

cbe49e72c602bdd85f7c46823a3c2475fa1c18a4
SHA256

0eb5859ae0cbc574df922aeb4e1d57521a866cb197e86a1559e37f1b7c863986
SHA512

93551fcf61be50892e225ec4e203915cb80a5a1ca629e92b7be597b8535236d5b926cb67d1afbff30719c4ee3399957229096c80dddf0e83b7107f2a9b3384e6
SSDEEP

49152:7Ywmm8K1lQM1BtKo/8oWQIT6Wk+A8+/7RovsrM9BjXE:vml3OBtKC8l6qX4ZrmBj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  NEAS.6a3d170cac382390bbd712d849d8f620.exe
- Size
  
  2.2MB
- MD5
  
  6a3d170cac382390bbd712d849d8f620
- SHA1
  
  cbe49e72c602bdd85f7c46823a3c2475fa1c18a4
- SHA256
  
  0eb5859ae0cbc574df922aeb4e1d57521a866cb197e86a1559e37f1b7c863986
- SHA512
  
  93551fcf61be50892e225ec4e203915cb80a5a1ca629e92b7be597b8535236d5b926cb67d1afbff30719c4ee3399957229096c80dddf0e83b7107f2a9b3384e6
- SSDEEP
  
  49152:7Ywmm8K1lQM1BtKo/8oWQIT6Wk+A8+/7RovsrM9BjXE:vml3OBtKC8l6qX4ZrmBj
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2