951c1997be3e152be1d64160661d549e156cd159194bddbb56bdaf0476e80610 | Triage

Sharing

General

Target

951c1997be3e152be1d64160661d549e156cd159194bddbb56bdaf0476e80610.exe
Size

15KB
Sample

241121-neemfswmbj
MD5

c19aaa16857dcee1b1926753c561aa50
SHA1

ea763ca1ea9dd3b3e4b3697e069a2a8c9073325c
SHA256

951c1997be3e152be1d64160661d549e156cd159194bddbb56bdaf0476e80610
SHA512

78cf60556b854ee665dd0d728ea8575c5a6c083005a5705831c55b11469a2cd55f558bffac1fcdd0adc7fb1cbb36ae1aa2dcffdfa81a525f670224453afd5f52
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYyh6E:hDXWipuE+K3/SSHgxmyh6E

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  951c1997be3e152be1d64160661d549e156cd159194bddbb56bdaf0476e80610.exe
- Size
  
  15KB
- MD5
  
  c19aaa16857dcee1b1926753c561aa50
- SHA1
  
  ea763ca1ea9dd3b3e4b3697e069a2a8c9073325c
- SHA256
  
  951c1997be3e152be1d64160661d549e156cd159194bddbb56bdaf0476e80610
- SHA512
  
  78cf60556b854ee665dd0d728ea8575c5a6c083005a5705831c55b11469a2cd55f558bffac1fcdd0adc7fb1cbb36ae1aa2dcffdfa81a525f670224453afd5f52
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYyh6E:hDXWipuE+K3/SSHgxmyh6E
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2