862555d44389aaf6258af17311244c64bbb7b66780e97ba1265d638a1a5e9b09 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6c77c52118e3caa89ba0ce8fdc538320_JC.exe
Size

12KB
Sample

231102-23gzdaah26
MD5

6c77c52118e3caa89ba0ce8fdc538320
SHA1

48adbba1d7b6300f1e70b6bbd7a0f946644cc6dd
SHA256

862555d44389aaf6258af17311244c64bbb7b66780e97ba1265d638a1a5e9b09
SHA512

68d3c67fe3dfaad9e17f43d7da46fe4dea5eb2c55d009d38b8576a912b2e62b0173ce04baff7ad278c177580a85083b9f7ad394842ab64749b8574a7cd982eb9
SSDEEP

384:oL7li/2zCq2DcEQvdhcJKLTp/NK9xajQ:WyM/Q9cjQ

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.6c77c52118e3caa89ba0ce8fdc538320_JC.exe
- Size
  
  12KB
- MD5
  
  6c77c52118e3caa89ba0ce8fdc538320
- SHA1
  
  48adbba1d7b6300f1e70b6bbd7a0f946644cc6dd
- SHA256
  
  862555d44389aaf6258af17311244c64bbb7b66780e97ba1265d638a1a5e9b09
- SHA512
  
  68d3c67fe3dfaad9e17f43d7da46fe4dea5eb2c55d009d38b8576a912b2e62b0173ce04baff7ad278c177580a85083b9f7ad394842ab64749b8574a7cd982eb9
- SSDEEP
  
  384:oL7li/2zCq2DcEQvdhcJKLTp/NK9xajQ:WyM/Q9cjQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2