af89f04d26921a9aa842ac2bb35c2c6b9ff055e2f81f21ffb8b1952209696bf6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8ec30cdcf7383dcd18d79b17117c0100_JC.exe
Size

521KB
Sample

231105-s6dxfsgc6x
MD5

8ec30cdcf7383dcd18d79b17117c0100
SHA1

0a551a8e10c8bc9e48ec595609deb253af0991b1
SHA256

af89f04d26921a9aa842ac2bb35c2c6b9ff055e2f81f21ffb8b1952209696bf6
SHA512

852eab524d4aa34efcd615c8c9def9f5910217372b44d7d4c3a6296c9eb8529c4f37f552e4ba41fd253f41184281a05d5932814771280eef0be0d777c281cc31
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxr:dqDAwl0xPTMiR9JSSxPUKYGdodH4

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.8ec30cdcf7383dcd18d79b17117c0100_JC.exe
- Size
  
  521KB
- MD5
  
  8ec30cdcf7383dcd18d79b17117c0100
- SHA1
  
  0a551a8e10c8bc9e48ec595609deb253af0991b1
- SHA256
  
  af89f04d26921a9aa842ac2bb35c2c6b9ff055e2f81f21ffb8b1952209696bf6
- SHA512
  
  852eab524d4aa34efcd615c8c9def9f5910217372b44d7d4c3a6296c9eb8529c4f37f552e4ba41fd253f41184281a05d5932814771280eef0be0d777c281cc31
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxr:dqDAwl0xPTMiR9JSSxPUKYGdodH4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2