daaf2658a2d47cbc886395394170f1fb425bbb9b4d6349991fd09259dd968f3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d224e05b6fcb7efd2cdfa8c68e709b10.exe
Size

61KB
Sample

231104-sv6s4aca5t
MD5

d224e05b6fcb7efd2cdfa8c68e709b10
SHA1

f527cfc9c1bc8f288efa7ea53c85e9b2a6fccad8
SHA256

daaf2658a2d47cbc886395394170f1fb425bbb9b4d6349991fd09259dd968f3a
SHA512

60cba18cd1b4b97544eabec4b1dce43bd0c5672bcd333250c6bf97648ae08ec75092a881e9faccd0bdca77d1507eb164bfff7627a5e146e64fb53e546deb8009
SSDEEP

768:OrItKyw5WHXfQmjIiIk9ecAaqMb96oyXcDLdK:Or3Z5IfQmv81aR3yX2ZK

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  NEAS.d224e05b6fcb7efd2cdfa8c68e709b10.exe
- Size
  
  61KB
- MD5
  
  d224e05b6fcb7efd2cdfa8c68e709b10
- SHA1
  
  f527cfc9c1bc8f288efa7ea53c85e9b2a6fccad8
- SHA256
  
  daaf2658a2d47cbc886395394170f1fb425bbb9b4d6349991fd09259dd968f3a
- SHA512
  
  60cba18cd1b4b97544eabec4b1dce43bd0c5672bcd333250c6bf97648ae08ec75092a881e9faccd0bdca77d1507eb164bfff7627a5e146e64fb53e546deb8009
- SSDEEP
  
  768:OrItKyw5WHXfQmjIiIk9ecAaqMb96oyXcDLdK:Or3Z5IfQmv81aR3yX2ZK
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2