6b4325be73812dcf224faf1b471117def39d506c96a4f1621ce5cef2faaf10a8 | Triage

Sharing

General

Target

NEAS.2d9c4e903c6180e693118e4b0b76a550.exe
Size

880KB
Sample

231013-ys9d4afe9y
MD5

2d9c4e903c6180e693118e4b0b76a550
SHA1

4f6d22925df468ee7336d5a1c0e811392e882781
SHA256

6b4325be73812dcf224faf1b471117def39d506c96a4f1621ce5cef2faaf10a8
SHA512

7845e00fbfc5ba949c1f26fe68d9da9fde3630ddf2a1563dcbdd35279980c13bb2d03c915946bb65c25ade40516d70ecd720f0d1585c908db7c5d4c25a5fac96
SSDEEP

12288:oFSKzbDjv1BW5pvmexavWBW5pvzcvTBW5pvmexavWBW5pvjkvQBW5pvmexavWBWS:oFSKXDpBixNBJBixNBiBixNBJBixNB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.2d9c4e903c6180e693118e4b0b76a550.exe
- Size
  
  880KB
- MD5
  
  2d9c4e903c6180e693118e4b0b76a550
- SHA1
  
  4f6d22925df468ee7336d5a1c0e811392e882781
- SHA256
  
  6b4325be73812dcf224faf1b471117def39d506c96a4f1621ce5cef2faaf10a8
- SHA512
  
  7845e00fbfc5ba949c1f26fe68d9da9fde3630ddf2a1563dcbdd35279980c13bb2d03c915946bb65c25ade40516d70ecd720f0d1585c908db7c5d4c25a5fac96
- SSDEEP
  
  12288:oFSKzbDjv1BW5pvmexavWBW5pvzcvTBW5pvmexavWBW5pvjkvQBW5pvmexavWBWS:oFSKXDpBixNBJBixNBiBixNBJBixNB
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2