dd966c6214d0d9666ac0234af574aeaea458815d35a3914da923ca87b5c97ae3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.849bcfa60bf5cbef20a43b0299897a60.exe
Size

515KB
Sample

231105-k3kltsde71
MD5

849bcfa60bf5cbef20a43b0299897a60
SHA1

190dc81257c1095d9567332cb1e9c350067bf973
SHA256

dd966c6214d0d9666ac0234af574aeaea458815d35a3914da923ca87b5c97ae3
SHA512

e7f3bfeb996d783cda402c16fae44757e56c838a73715728afd508301a87e1f9a5ba8d523c3710ce03db6a4316b7008fcf5567ee086abc2fa6a2bedbae3bc727
SSDEEP

3072:oCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxW:oqDAwl0xPTMiR9JSSxPUKYGdodHZ

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.849bcfa60bf5cbef20a43b0299897a60.exe
- Size
  
  515KB
- MD5
  
  849bcfa60bf5cbef20a43b0299897a60
- SHA1
  
  190dc81257c1095d9567332cb1e9c350067bf973
- SHA256
  
  dd966c6214d0d9666ac0234af574aeaea458815d35a3914da923ca87b5c97ae3
- SHA512
  
  e7f3bfeb996d783cda402c16fae44757e56c838a73715728afd508301a87e1f9a5ba8d523c3710ce03db6a4316b7008fcf5567ee086abc2fa6a2bedbae3bc727
- SSDEEP
  
  3072:oCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxW:oqDAwl0xPTMiR9JSSxPUKYGdodHZ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2