3e419261ca6ed4120e6fe81d8733639c83bea1927940ba6f5e86874789c7c64c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3e419261ca6ed4120e6fe81d8733639c83bea1927940ba6f5e86874789c7c64cexe_JC.exe
Size

585KB
Sample

231103-wlsrnaab34
MD5

0f027368d472192ac4d4f5544a70d48a
SHA1

6d7a0ad0f3ad882bf68a01f22bd578406ee7bbf0
SHA256

3e419261ca6ed4120e6fe81d8733639c83bea1927940ba6f5e86874789c7c64c
SHA512

96c12cee2ee698aa3bbd00d66ad0994cceeba8519e2c09b3374821b601c5528969fc5b6c9082e74e2d6bfa4c8facec5d804d4c3badab1e3f49e9edd208ae626f
SSDEEP

12288:Z9n75m4nse/nhmppEKHxox3clwm9Zq4BLuCqcrQ6:ZN5m4seUEwix3Y95LuUQ

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.3e419261ca6ed4120e6fe81d8733639c83bea1927940ba6f5e86874789c7c64cexe_JC.exe
- Size
  
  585KB
- MD5
  
  0f027368d472192ac4d4f5544a70d48a
- SHA1
  
  6d7a0ad0f3ad882bf68a01f22bd578406ee7bbf0
- SHA256
  
  3e419261ca6ed4120e6fe81d8733639c83bea1927940ba6f5e86874789c7c64c
- SHA512
  
  96c12cee2ee698aa3bbd00d66ad0994cceeba8519e2c09b3374821b601c5528969fc5b6c9082e74e2d6bfa4c8facec5d804d4c3badab1e3f49e9edd208ae626f
- SSDEEP
  
  12288:Z9n75m4nse/nhmppEKHxox3clwm9Zq4BLuCqcrQ6:ZN5m4seUEwix3Y95LuUQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2