e6e38b05a6d3070066a0737ae6ffa4023c964d84c995a56c3f2f98a09ab84a49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dda96f68a625b1fa465cb05ae6e834e0.exe
Size

165KB
Sample

231112-zk5avacb38
MD5

dda96f68a625b1fa465cb05ae6e834e0
SHA1

26ccba39c29d37ffa3f92b015c12869c17ad0824
SHA256

e6e38b05a6d3070066a0737ae6ffa4023c964d84c995a56c3f2f98a09ab84a49
SHA512

609ab1c830df7a871aaa304b36b9404ea671ea8652edd34b7e0705e97aeca4eafd4532cf754365a447919f9156958069884707f4d6fa741568264f7efc28c71d
SSDEEP

3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4f:fiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.dda96f68a625b1fa465cb05ae6e834e0.exe
- Size
  
  165KB
- MD5
  
  dda96f68a625b1fa465cb05ae6e834e0
- SHA1
  
  26ccba39c29d37ffa3f92b015c12869c17ad0824
- SHA256
  
  e6e38b05a6d3070066a0737ae6ffa4023c964d84c995a56c3f2f98a09ab84a49
- SHA512
  
  609ab1c830df7a871aaa304b36b9404ea671ea8652edd34b7e0705e97aeca4eafd4532cf754365a447919f9156958069884707f4d6fa741568264f7efc28c71d
- SSDEEP
  
  3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4f:fiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2