d8e05382db65fbd2ff1604371c1dd3180ed7515545bc29c7e1bdf1bd61c86f4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2f1ee918fc2a74fd655696d8df322d00.exe
Size

85KB
Sample

231013-ytc3aaff6x
MD5

2f1ee918fc2a74fd655696d8df322d00
SHA1

fdc97b3f4cba85a042dd46fa729f3e7ce89315bc
SHA256

d8e05382db65fbd2ff1604371c1dd3180ed7515545bc29c7e1bdf1bd61c86f4b
SHA512

774cb4c8f4e08a506cd046ae4c0dfaff6c292aa8986cec8a94cd145f6dbf5acd3342d2c3d1a5e3f28fcad081a4247e4390ee85b3289df6dc9174f7b7eb34f898
SSDEEP

1536:NeWJ3WWVxMxsTBYHmEgQXQWH5pCpUJyHSZ52LHPMQ262AjCsQ2PCZZrqOlNfVSLA:NjGOOsTB7Qw1HPMQH2qC7ZQOlzSLUK+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.2f1ee918fc2a74fd655696d8df322d00.exe
- Size
  
  85KB
- MD5
  
  2f1ee918fc2a74fd655696d8df322d00
- SHA1
  
  fdc97b3f4cba85a042dd46fa729f3e7ce89315bc
- SHA256
  
  d8e05382db65fbd2ff1604371c1dd3180ed7515545bc29c7e1bdf1bd61c86f4b
- SHA512
  
  774cb4c8f4e08a506cd046ae4c0dfaff6c292aa8986cec8a94cd145f6dbf5acd3342d2c3d1a5e3f28fcad081a4247e4390ee85b3289df6dc9174f7b7eb34f898
- SSDEEP
  
  1536:NeWJ3WWVxMxsTBYHmEgQXQWH5pCpUJyHSZ52LHPMQ262AjCsQ2PCZZrqOlNfVSLA:NjGOOsTB7Qw1HPMQH2qC7ZQOlzSLUK+
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2