General
-
Target
NEAS.66c1d08667f4f3eec4fa85848c3e0ee0.exe
-
Size
392KB
-
Sample
231102-x1v11aga87
-
MD5
66c1d08667f4f3eec4fa85848c3e0ee0
-
SHA1
6a7414a10d1bf06eea71284d0f6f72d64db72c08
-
SHA256
e8219fa5b8c8e883153bd770544de7d212b2bc202e49a4d1cfca7cbb45b8912e
-
SHA512
8c89f8c53d1f665009aef5fb7843a0694a8d6cd485f5f163bde1e90ce0bce787ed400c00ab0fdf1814a90dd2cd97ecea46cd24b50188b29e03f663f613fa78d7
-
SSDEEP
6144:C7ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:Cl5nilTFQbI0a+GGL
Malware Config
Targets
-
-
Target
NEAS.66c1d08667f4f3eec4fa85848c3e0ee0.exe
-
Size
392KB
-
MD5
66c1d08667f4f3eec4fa85848c3e0ee0
-
SHA1
6a7414a10d1bf06eea71284d0f6f72d64db72c08
-
SHA256
e8219fa5b8c8e883153bd770544de7d212b2bc202e49a4d1cfca7cbb45b8912e
-
SHA512
8c89f8c53d1f665009aef5fb7843a0694a8d6cd485f5f163bde1e90ce0bce787ed400c00ab0fdf1814a90dd2cd97ecea46cd24b50188b29e03f663f613fa78d7
-
SSDEEP
6144:C7ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:Cl5nilTFQbI0a+GGL
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-