c1ee29f604fb64a8f2d32f5427475077d4369af5079265eb45606a6a76b2dcdd | Triage

Sharing

General

Target

NEAS.23ff35e0c3dc949d0c72cda35807cc50.exe
Size

314KB
Sample

231013-ysjhnsfa9y
MD5

23ff35e0c3dc949d0c72cda35807cc50
SHA1

b1e13bbeb17ef6898763f4df8875442848c55e52
SHA256

c1ee29f604fb64a8f2d32f5427475077d4369af5079265eb45606a6a76b2dcdd
SHA512

0d2807e0ef60dae3eb3ac73afefd423bf533ac922aba7ec06a132f8a9b11f560413fad4fb0077ba237a7aa43d4a27ada4acb0ac00520c398c594d7f1f57f3985
SSDEEP

6144:W4JwNmrFr34S3Oj6MB8MhjwszeXmr8SeNpgdyuH1lFDjC:/lrFrol6Najb87gP3C

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.23ff35e0c3dc949d0c72cda35807cc50.exe
- Size
  
  314KB
- MD5
  
  23ff35e0c3dc949d0c72cda35807cc50
- SHA1
  
  b1e13bbeb17ef6898763f4df8875442848c55e52
- SHA256
  
  c1ee29f604fb64a8f2d32f5427475077d4369af5079265eb45606a6a76b2dcdd
- SHA512
  
  0d2807e0ef60dae3eb3ac73afefd423bf533ac922aba7ec06a132f8a9b11f560413fad4fb0077ba237a7aa43d4a27ada4acb0ac00520c398c594d7f1f57f3985
- SSDEEP
  
  6144:W4JwNmrFr34S3Oj6MB8MhjwszeXmr8SeNpgdyuH1lFDjC:/lrFrol6Najb87gP3C
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2