69f2adfafcb8e0a93ca793ff28df7b49100113ff2d7f92c7a2af4073a8db33ff | Triage

Sharing

General

Target

NEAS.23806a8e7334a1ffd8120fafb989b440.exe
Size

9.4MB
Sample

231118-hk394sce47
MD5

23806a8e7334a1ffd8120fafb989b440
SHA1

fa2e0fd59d4ec8cf63c9003aa60cbeb729884b86
SHA256

69f2adfafcb8e0a93ca793ff28df7b49100113ff2d7f92c7a2af4073a8db33ff
SHA512

f2f8588ef3af44a5d855f0f6d82c08fae2abe71c565c5009b69a74e77dd5571e1b650152f7281fc1da29a9191220f145f81f1dfbb60d21bf42e6ed1a01bcfdfa
SSDEEP

98304:yI9BsiUtk8XI8XxK8XI8XBUqk8XI8X+Utk8XI8XxJ8XfUqk8XI8X+Utk8XI8XC:yI9hU/h5hRUkhOU/h0vUkhOU/hy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.23806a8e7334a1ffd8120fafb989b440.exe
- Size
  
  9.4MB
- MD5
  
  23806a8e7334a1ffd8120fafb989b440
- SHA1
  
  fa2e0fd59d4ec8cf63c9003aa60cbeb729884b86
- SHA256
  
  69f2adfafcb8e0a93ca793ff28df7b49100113ff2d7f92c7a2af4073a8db33ff
- SHA512
  
  f2f8588ef3af44a5d855f0f6d82c08fae2abe71c565c5009b69a74e77dd5571e1b650152f7281fc1da29a9191220f145f81f1dfbb60d21bf42e6ed1a01bcfdfa
- SSDEEP
  
  98304:yI9BsiUtk8XI8XxK8XI8XBUqk8XI8X+Utk8XI8XxJ8XfUqk8XI8X+Utk8XI8XC:yI9hU/h5hRUkhOU/h0vUkhOU/hy
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2