d3087c525629935345983c883fe7fb30d5251984ffe5bb45cc71e4cf226cc7af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEASe1a7a2ead65bbef6f0b4d7afa9c8e21dexe.exe
Size

153KB
Sample

231013-yfec7agc23
MD5

e1a7a2ead65bbef6f0b4d7afa9c8e21d
SHA1

bc38e8d994f06ffc9c4a441d6899d99b934fb40c
SHA256

d3087c525629935345983c883fe7fb30d5251984ffe5bb45cc71e4cf226cc7af
SHA512

ef7c56bea7a3bc69dd9bcd42265ecfe5a6c37c7e7484cb2cef155439bc49a405bbb64beaeb56f37f64b9d8fc5c2c62d9356604ad7473c008cb7d0397bce7f67b
SSDEEP

3072:j3oG9x3Bs/RjtzUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:jb3B8RJ4AHj05xP3DZyN1eRppzcexn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.NEASe1a7a2ead65bbef6f0b4d7afa9c8e21dexe.exe
- Size
  
  153KB
- MD5
  
  e1a7a2ead65bbef6f0b4d7afa9c8e21d
- SHA1
  
  bc38e8d994f06ffc9c4a441d6899d99b934fb40c
- SHA256
  
  d3087c525629935345983c883fe7fb30d5251984ffe5bb45cc71e4cf226cc7af
- SHA512
  
  ef7c56bea7a3bc69dd9bcd42265ecfe5a6c37c7e7484cb2cef155439bc49a405bbb64beaeb56f37f64b9d8fc5c2c62d9356604ad7473c008cb7d0397bce7f67b
- SSDEEP
  
  3072:j3oG9x3Bs/RjtzUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:jb3B8RJ4AHj05xP3DZyN1eRppzcexn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2