e046390ace3e51dd773750d6b5b94a8800cf81d620a6dc7da60631492cb4a220 | Triage

Sharing

General

Target

NEAS.afb844934eb0df26a7f5ba3c19dfbda0.exe
Size

546KB
Sample

231118-f6a5cacg2z
MD5

afb844934eb0df26a7f5ba3c19dfbda0
SHA1

f72bb708433fe28ac1c7ace17095b261ff1c02a4
SHA256

e046390ace3e51dd773750d6b5b94a8800cf81d620a6dc7da60631492cb4a220
SHA512

c3ffee81b41292114cfb39c6f1552f8b2367d2ec6c0490e5a5aecce43f585c867bbb344f7837dbfaeea332dfb330035995529fcf75388ef3abaf753c2c851bac
SSDEEP

3072:iCaoAs1k1Pol0xPTM7mBCAdJSSxPUkl3ViFNdAMQTCk/dN92sdNhavtrVdewnAxj:iqDwwl0xPTMiB9JSSxPUKIWdod3XmF

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.afb844934eb0df26a7f5ba3c19dfbda0.exe
- Size
  
  546KB
- MD5
  
  afb844934eb0df26a7f5ba3c19dfbda0
- SHA1
  
  f72bb708433fe28ac1c7ace17095b261ff1c02a4
- SHA256
  
  e046390ace3e51dd773750d6b5b94a8800cf81d620a6dc7da60631492cb4a220
- SHA512
  
  c3ffee81b41292114cfb39c6f1552f8b2367d2ec6c0490e5a5aecce43f585c867bbb344f7837dbfaeea332dfb330035995529fcf75388ef3abaf753c2c851bac
- SSDEEP
  
  3072:iCaoAs1k1Pol0xPTM7mBCAdJSSxPUkl3ViFNdAMQTCk/dN92sdNhavtrVdewnAxj:iqDwwl0xPTMiB9JSSxPUKIWdod3XmF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2