29fbb980b0f0dd6cd88ec7e913b7b133931ff203c8f0a30f03086e6f498d97c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3707711768882e8eaaa7c7570daf2f40_NEAS
Size

35KB
Sample

240507-aa2pjacc37
MD5

3707711768882e8eaaa7c7570daf2f40
SHA1

8e897b62f93fda9c016f05e7460a42e8875065d7
SHA256

29fbb980b0f0dd6cd88ec7e913b7b133931ff203c8f0a30f03086e6f498d97c4
SHA512

f6d754f26831df5884b2cd952d5cf84254c2ee501c15ad29d6ae426a996952d30a0248eedd8d32c607a369f9be4cd3efc12b9c8aafd275d6a51c8c1ddd8f9b1e
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qZh:btB9g/WItCSsAGjX7r3BTZh

Score

7^/10

Malware Config

Targets

- Target
  
  3707711768882e8eaaa7c7570daf2f40_NEAS
- Size
  
  35KB
- MD5
  
  3707711768882e8eaaa7c7570daf2f40
- SHA1
  
  8e897b62f93fda9c016f05e7460a42e8875065d7
- SHA256
  
  29fbb980b0f0dd6cd88ec7e913b7b133931ff203c8f0a30f03086e6f498d97c4
- SHA512
  
  f6d754f26831df5884b2cd952d5cf84254c2ee501c15ad29d6ae426a996952d30a0248eedd8d32c607a369f9be4cd3efc12b9c8aafd275d6a51c8c1ddd8f9b1e
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qZh:btB9g/WItCSsAGjX7r3BTZh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2