5c5c73ae249ed96120d48e5ef2dbb7edf54b2e0f92eecc7745f6174b03074aaf | Triage

Sharing

General

Target

NEAS.065eade139f12d88f1f979cfea542049.exe
Size

56KB
Sample

231112-vrtepshc5w
MD5

065eade139f12d88f1f979cfea542049
SHA1

daf353138afd9bab504e843077c4b4453f56291b
SHA256

5c5c73ae249ed96120d48e5ef2dbb7edf54b2e0f92eecc7745f6174b03074aaf
SHA512

988a2ab1d0cb0d57cc2f7f02a604254504fdb4400bfd3f2aeab0b6c4158074c2c20d1fb1e01aeecc045b51c3f2ca0b0903dc490f7a5fb2db5252d8fd3416518f
SSDEEP

768:D00UHf57LnWykdBdusOAL/2DH9owR97k9/l4ElXYWFoHiPI6zDw1T6cBJhFd/B5+:D00URPnKfZrT2DawRR8JfP3gZB355B/s

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.065eade139f12d88f1f979cfea542049.exe
- Size
  
  56KB
- MD5
  
  065eade139f12d88f1f979cfea542049
- SHA1
  
  daf353138afd9bab504e843077c4b4453f56291b
- SHA256
  
  5c5c73ae249ed96120d48e5ef2dbb7edf54b2e0f92eecc7745f6174b03074aaf
- SHA512
  
  988a2ab1d0cb0d57cc2f7f02a604254504fdb4400bfd3f2aeab0b6c4158074c2c20d1fb1e01aeecc045b51c3f2ca0b0903dc490f7a5fb2db5252d8fd3416518f
- SSDEEP
  
  768:D00UHf57LnWykdBdusOAL/2DH9owR97k9/l4ElXYWFoHiPI6zDw1T6cBJhFd/B5+:D00URPnKfZrT2DawRR8JfP3gZB355B/s
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2