8f54df4085929128e6be50d0d9d113f62ba829518f10d0cca968aedcbd89adb3 | Triage

Sharing

General

Target

NEAS.1cea2b2f2e4071177f19f5f6d8e3e3f0.exe
Size

2.0MB
Sample

231103-qzy8psbd71
MD5

1cea2b2f2e4071177f19f5f6d8e3e3f0
SHA1

7fa064a7a55c7f672adae329757f665d23d2c580
SHA256

8f54df4085929128e6be50d0d9d113f62ba829518f10d0cca968aedcbd89adb3
SHA512

26b900be1b0dcf1f325b24dab653aecab70c06eec833f7ba6f92df79c114a9b7041e4af749151e43dcb3aca605a76ae41b9fc06fdd49088a4dd05ca94149cf8e
SSDEEP

49152:B884CWL0/fRZ12+zI9gQ2irbu9qhGjojqcs1LPhsUR:B8VjWJn69hF2RomcoLJ

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.1cea2b2f2e4071177f19f5f6d8e3e3f0.exe
- Size
  
  2.0MB
- MD5
  
  1cea2b2f2e4071177f19f5f6d8e3e3f0
- SHA1
  
  7fa064a7a55c7f672adae329757f665d23d2c580
- SHA256
  
  8f54df4085929128e6be50d0d9d113f62ba829518f10d0cca968aedcbd89adb3
- SHA512
  
  26b900be1b0dcf1f325b24dab653aecab70c06eec833f7ba6f92df79c114a9b7041e4af749151e43dcb3aca605a76ae41b9fc06fdd49088a4dd05ca94149cf8e
- SSDEEP
  
  49152:B884CWL0/fRZ12+zI9gQ2irbu9qhGjojqcs1LPhsUR:B8VjWJn69hF2RomcoLJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2