ff46f6ca7579a1f0b6a3ae4f20431476be41326a91ec3de61847aaf33bdd8bd9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6ba6a2397e5e5d6c21057689eec8b70d.exe
Size

199KB
Sample

231101-kcnkssdb6v
MD5

6ba6a2397e5e5d6c21057689eec8b70d
SHA1

c401a23cff183e38742c55c554abe23ddc8886c0
SHA256

ff46f6ca7579a1f0b6a3ae4f20431476be41326a91ec3de61847aaf33bdd8bd9
SHA512

c24a2eac0e9e7dadf6bb597674dd859ff32aa2b4f2ac285ec255339eafd08a128d259b9a7b6a39db8e8d9f6a1fe15868739174a08b398a392700205dd02218af
SSDEEP

1536:cAnW+c+GL2VanyEAGHo7P1QAxdz28fahLonVDjt4Hc:cec+E2wnC/P1QAxdz4LonVW8

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.6ba6a2397e5e5d6c21057689eec8b70d.exe
- Size
  
  199KB
- MD5
  
  6ba6a2397e5e5d6c21057689eec8b70d
- SHA1
  
  c401a23cff183e38742c55c554abe23ddc8886c0
- SHA256
  
  ff46f6ca7579a1f0b6a3ae4f20431476be41326a91ec3de61847aaf33bdd8bd9
- SHA512
  
  c24a2eac0e9e7dadf6bb597674dd859ff32aa2b4f2ac285ec255339eafd08a128d259b9a7b6a39db8e8d9f6a1fe15868739174a08b398a392700205dd02218af
- SSDEEP
  
  1536:cAnW+c+GL2VanyEAGHo7P1QAxdz28fahLonVDjt4Hc:cec+E2wnC/P1QAxdz4LonVW8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2