8c12a23e5a373ef1e0791040ff2cadfa7a3d01e0fd1c142586d7a3f9c5ead03e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3ebd750d865688c155f343179824cfb0.exe
Size

279KB
Sample

231031-ks94qsbh2x
MD5

3ebd750d865688c155f343179824cfb0
SHA1

d8f5897a33c1b8605ae857228e0217b4067b65d2
SHA256

8c12a23e5a373ef1e0791040ff2cadfa7a3d01e0fd1c142586d7a3f9c5ead03e
SHA512

f262f0d3976d4956c8bf6a4adc11da34a3d1971aef412ae5155a28b721c11679a290678631d1f9aab324c3aa356f6798bc04ed9dcc867119e71056dfdbad63cf
SSDEEP

3072:WYUb5QoJ4g+Ri+ZjKIz1ZdW4SrOLVSVpwr:WY7xhKSZI4zLVSVpq

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.3ebd750d865688c155f343179824cfb0.exe
- Size
  
  279KB
- MD5
  
  3ebd750d865688c155f343179824cfb0
- SHA1
  
  d8f5897a33c1b8605ae857228e0217b4067b65d2
- SHA256
  
  8c12a23e5a373ef1e0791040ff2cadfa7a3d01e0fd1c142586d7a3f9c5ead03e
- SHA512
  
  f262f0d3976d4956c8bf6a4adc11da34a3d1971aef412ae5155a28b721c11679a290678631d1f9aab324c3aa356f6798bc04ed9dcc867119e71056dfdbad63cf
- SSDEEP
  
  3072:WYUb5QoJ4g+Ri+ZjKIz1ZdW4SrOLVSVpwr:WY7xhKSZI4zLVSVpq
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2