d2cbb1d90ffcf48deb1daa864bd812d14696034365684bd0bf4ecbcc774c81ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.36c7045f6ac77fa97dc916dfca590b80.exe
Size

67KB
Sample

231106-3nxlysgd3w
MD5

36c7045f6ac77fa97dc916dfca590b80
SHA1

a86d578a06d2cf5f62b5f6b9673dbeb2933dd289
SHA256

d2cbb1d90ffcf48deb1daa864bd812d14696034365684bd0bf4ecbcc774c81ed
SHA512

8b9c0e0f321f0832d87d635d4435bdc29c6e9033fba4a4bfee6f0d61c1a2ed5c76bb6dc66f5b74581c51518dda3107ebdd8d74d919142fed2fb2b18829c67edd
SSDEEP

768:OrItKyw5WHXfQmjIiIk9ecAakMb96ZyXuDLdibfffbPPPI:Or3Z5IfQmv81abyyXcZibfffc

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  NEAS.36c7045f6ac77fa97dc916dfca590b80.exe
- Size
  
  67KB
- MD5
  
  36c7045f6ac77fa97dc916dfca590b80
- SHA1
  
  a86d578a06d2cf5f62b5f6b9673dbeb2933dd289
- SHA256
  
  d2cbb1d90ffcf48deb1daa864bd812d14696034365684bd0bf4ecbcc774c81ed
- SHA512
  
  8b9c0e0f321f0832d87d635d4435bdc29c6e9033fba4a4bfee6f0d61c1a2ed5c76bb6dc66f5b74581c51518dda3107ebdd8d74d919142fed2fb2b18829c67edd
- SSDEEP
  
  768:OrItKyw5WHXfQmjIiIk9ecAakMb96ZyXuDLdibfffbPPPI:Or3Z5IfQmv81abyyXcZibfffc
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2