c2af6f0fbff0874aa1d4a897c9f162eccad64f3e54f13cdbb680e9cbd64ac4ea | Triage

Sharing

General

Target

NEAS.e5a0d8ea91aee31d1b016e7465d8cd30.exe
Size

84KB
Sample

231102-rmyl3sda8y
MD5

e5a0d8ea91aee31d1b016e7465d8cd30
SHA1

22dcc66017f327187ace4e6c1234179ce348d3cf
SHA256

c2af6f0fbff0874aa1d4a897c9f162eccad64f3e54f13cdbb680e9cbd64ac4ea
SHA512

370419f055106f8fb523dbef7cf320fa6217f549534c56c36b5c3def1d38da05fa588edae6c74e1fb5a2a866a22051e30aa22fff20e8708b2c15fe3827fb3f2f
SSDEEP

1536:bFlPNTFdMMs/mBP6ipzOW2+3GHSesGzjxXP6Y89lq:bLNTFdMMsgOW+HS4r

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.e5a0d8ea91aee31d1b016e7465d8cd30.exe
- Size
  
  84KB
- MD5
  
  e5a0d8ea91aee31d1b016e7465d8cd30
- SHA1
  
  22dcc66017f327187ace4e6c1234179ce348d3cf
- SHA256
  
  c2af6f0fbff0874aa1d4a897c9f162eccad64f3e54f13cdbb680e9cbd64ac4ea
- SHA512
  
  370419f055106f8fb523dbef7cf320fa6217f549534c56c36b5c3def1d38da05fa588edae6c74e1fb5a2a866a22051e30aa22fff20e8708b2c15fe3827fb3f2f
- SSDEEP
  
  1536:bFlPNTFdMMs/mBP6ipzOW2+3GHSesGzjxXP6Y89lq:bLNTFdMMsgOW+HS4r
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2