3b52d1cf0babe23278d52bc17690c26b248c5da688bf642fd50eebcc60bd3499 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0ed1fba0a7285187d8eade34d9c5a180.exe
Size

50KB
Sample

231104-rg4k5sdb34
MD5

0ed1fba0a7285187d8eade34d9c5a180
SHA1

803d16ffc38a0bce5943c8bbe855653f277916e6
SHA256

3b52d1cf0babe23278d52bc17690c26b248c5da688bf642fd50eebcc60bd3499
SHA512

e349e37519a296d9c1ee734d7580c614e1d106f7360b799d15512315e3495d332cc80bc4b34b42a09fb924c9d43bc5ce8a0f44b336be563a1300f324d4205a50
SSDEEP

768:qRVyGrbqomOIPpkbWJu8T3maD2o28H1w4Btp:CXIOAowuQVw4Btp

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.0ed1fba0a7285187d8eade34d9c5a180.exe
- Size
  
  50KB
- MD5
  
  0ed1fba0a7285187d8eade34d9c5a180
- SHA1
  
  803d16ffc38a0bce5943c8bbe855653f277916e6
- SHA256
  
  3b52d1cf0babe23278d52bc17690c26b248c5da688bf642fd50eebcc60bd3499
- SHA512
  
  e349e37519a296d9c1ee734d7580c614e1d106f7360b799d15512315e3495d332cc80bc4b34b42a09fb924c9d43bc5ce8a0f44b336be563a1300f324d4205a50
- SSDEEP
  
  768:qRVyGrbqomOIPpkbWJu8T3maD2o28H1w4Btp:CXIOAowuQVw4Btp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2