c6be9420fa9cf60b5b5691503afd506cb63d5eaad3aa415a47e2390f32b762fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.48870921174739209413bf1d976ba790_JC.exe
Size

26KB
Sample

231103-e1dslsea39
MD5

48870921174739209413bf1d976ba790
SHA1

1885c1e43b2898fb9760304881541dd177f128b5
SHA256

c6be9420fa9cf60b5b5691503afd506cb63d5eaad3aa415a47e2390f32b762fb
SHA512

cc416607b95cc05a43adad18fff439b371f95b6eeec10caecc74cc5e283dd231c81c01ab7d76efc51d04c272ce8b6bcbb2a507bfe54be88b9d37764094f0307a
SSDEEP

384:uu/JYSrFQjGxzfNHP151QUzMk9hBcecy44hLyG+mHDiJWs3WWST:d/3xd1HXzoy44hXPjiJx+

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.48870921174739209413bf1d976ba790_JC.exe
- Size
  
  26KB
- MD5
  
  48870921174739209413bf1d976ba790
- SHA1
  
  1885c1e43b2898fb9760304881541dd177f128b5
- SHA256
  
  c6be9420fa9cf60b5b5691503afd506cb63d5eaad3aa415a47e2390f32b762fb
- SHA512
  
  cc416607b95cc05a43adad18fff439b371f95b6eeec10caecc74cc5e283dd231c81c01ab7d76efc51d04c272ce8b6bcbb2a507bfe54be88b9d37764094f0307a
- SSDEEP
  
  384:uu/JYSrFQjGxzfNHP151QUzMk9hBcecy44hLyG+mHDiJWs3WWST:d/3xd1HXzoy44hXPjiJx+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2