d444d0e257fa21c6533f1757b1b4baf74c4740cd2d452301003c5e40511b2455 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05dafd2d342a6f1eb03b581cb8a8bf00_NEAS
Size

42KB
Sample

240507-xlpwfach66
MD5

05dafd2d342a6f1eb03b581cb8a8bf00
SHA1

f0b6f4dcd2c62aca5f7ee0c33caf859308467ba2
SHA256

d444d0e257fa21c6533f1757b1b4baf74c4740cd2d452301003c5e40511b2455
SHA512

427baee739dea122d0e2094e64cac8a1361d61ee4675833bcdfc4d7e2febe11bff431b847dec1557cdce32270bd6d95b75575c9b6b15ea660d1928ccab4fc5d9
SSDEEP

768:7cPJdqNiwfKrgXAfTibWi/xRNExm9lp2m//S:QhdqNiwfJAfTibWi/NTEmS

Score

7^/10

Malware Config

Targets

- Target
  
  05dafd2d342a6f1eb03b581cb8a8bf00_NEAS
- Size
  
  42KB
- MD5
  
  05dafd2d342a6f1eb03b581cb8a8bf00
- SHA1
  
  f0b6f4dcd2c62aca5f7ee0c33caf859308467ba2
- SHA256
  
  d444d0e257fa21c6533f1757b1b4baf74c4740cd2d452301003c5e40511b2455
- SHA512
  
  427baee739dea122d0e2094e64cac8a1361d61ee4675833bcdfc4d7e2febe11bff431b847dec1557cdce32270bd6d95b75575c9b6b15ea660d1928ccab4fc5d9
- SSDEEP
  
  768:7cPJdqNiwfKrgXAfTibWi/xRNExm9lp2m//S:QhdqNiwfJAfTibWi/NTEmS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2