a95e290b6aff77d9f420009bcd288fb4c3c94f69ebd29d3f76ca8c2ca05d0fbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5c44c5b89a35dc8324c6cd20e27d5a70.exe
Size

128KB
Sample

231013-y65m3ahh5w
MD5

5c44c5b89a35dc8324c6cd20e27d5a70
SHA1

984975618b13749de8a6c61911e07ef677429fb0
SHA256

a95e290b6aff77d9f420009bcd288fb4c3c94f69ebd29d3f76ca8c2ca05d0fbe
SHA512

93922fdce22e5c282c8bea6a1106fca5ba932a8800f69f9f6ff4331a77c18606598875e392464520e91b40b828ddeeef2cdbdb410b54763b8f02c17057ffa28e
SSDEEP

3072:/qN7daAllX9JB5eLSJdEN0s4WE+3S9pui6yYPaI7DX:/qOALt/MeENm+3Mpui6yYPaI/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.5c44c5b89a35dc8324c6cd20e27d5a70.exe
- Size
  
  128KB
- MD5
  
  5c44c5b89a35dc8324c6cd20e27d5a70
- SHA1
  
  984975618b13749de8a6c61911e07ef677429fb0
- SHA256
  
  a95e290b6aff77d9f420009bcd288fb4c3c94f69ebd29d3f76ca8c2ca05d0fbe
- SHA512
  
  93922fdce22e5c282c8bea6a1106fca5ba932a8800f69f9f6ff4331a77c18606598875e392464520e91b40b828ddeeef2cdbdb410b54763b8f02c17057ffa28e
- SSDEEP
  
  3072:/qN7daAllX9JB5eLSJdEN0s4WE+3S9pui6yYPaI7DX:/qOALt/MeENm+3Mpui6yYPaI/
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2