66117f3580d2d41e929bd0aa9b015bb63180f263a67f2390935625cd07aa0e53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6d1534da718d1c6b2fe7a1ac10001280.exe
Size

244KB
Sample

231013-y8evescg39
MD5

6d1534da718d1c6b2fe7a1ac10001280
SHA1

5cabae04140da9c5549d6e18a70f2095f07cc00c
SHA256

66117f3580d2d41e929bd0aa9b015bb63180f263a67f2390935625cd07aa0e53
SHA512

8d2f8661418611b69bf90164095772fbd8f0517e70279a891674ef372cf6e59f03a25d1ef02e94cd3423b6e26a59051650b349efe7a6e3d957d68463be86699c
SSDEEP

3072:2zpaFmBOPowlev9pui6yYPaI7DehizrVtNe3eBU053xQL8eY9rm5LQH:DoGWVpui6yYPaIGckSU05836S5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.6d1534da718d1c6b2fe7a1ac10001280.exe
- Size
  
  244KB
- MD5
  
  6d1534da718d1c6b2fe7a1ac10001280
- SHA1
  
  5cabae04140da9c5549d6e18a70f2095f07cc00c
- SHA256
  
  66117f3580d2d41e929bd0aa9b015bb63180f263a67f2390935625cd07aa0e53
- SHA512
  
  8d2f8661418611b69bf90164095772fbd8f0517e70279a891674ef372cf6e59f03a25d1ef02e94cd3423b6e26a59051650b349efe7a6e3d957d68463be86699c
- SSDEEP
  
  3072:2zpaFmBOPowlev9pui6yYPaI7DehizrVtNe3eBU053xQL8eY9rm5LQH:DoGWVpui6yYPaIGckSU05836S5
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2