General
-
Target
81903cdb97bd5b9c72d9072b1740aee0_NEAS
-
Size
1.5MB
-
Sample
240507-g796hach81
-
MD5
81903cdb97bd5b9c72d9072b1740aee0
-
SHA1
8a72ab5154346c36aba20e082da87a950c76281e
-
SHA256
8dbf3b1feee1e8decb8d5f8bd16207595cbc5840b809124b0676e496b75919d8
-
SHA512
139ab7e59b754b65e58ccd5fb6228fa6ade8d1ba059ba5d26f6393c690e54b7ac2a5cebdeef968473e1c50fd0356dcee41f75cf7bc6abed9db6a4620b9a24802
-
SSDEEP
49152:fXzfSHsRnD/ncYQQDZPpA7jPa/v6y1ib83Qkl:7f7RnrRQQDNpmmn6y1ibjkl
Malware Config
Targets
-
-
Target
81903cdb97bd5b9c72d9072b1740aee0_NEAS
-
Size
1.5MB
-
MD5
81903cdb97bd5b9c72d9072b1740aee0
-
SHA1
8a72ab5154346c36aba20e082da87a950c76281e
-
SHA256
8dbf3b1feee1e8decb8d5f8bd16207595cbc5840b809124b0676e496b75919d8
-
SHA512
139ab7e59b754b65e58ccd5fb6228fa6ade8d1ba059ba5d26f6393c690e54b7ac2a5cebdeef968473e1c50fd0356dcee41f75cf7bc6abed9db6a4620b9a24802
-
SSDEEP
49152:fXzfSHsRnD/ncYQQDZPpA7jPa/v6y1ib83Qkl:7f7RnrRQQDNpmmn6y1ibjkl
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-