30a93d0475e998c61ace0c4cda62bf474303d2d85b9b07dfff7f4a2e62193481 | Triage

Sharing

General

Target

NEAS.a20f9982963e2f05dc071d503aa1fcf0.exe
Size

364KB
Sample

231013-zb1w3adb51
MD5

a20f9982963e2f05dc071d503aa1fcf0
SHA1

783b827df4207b05e986814780a47e3192a4293f
SHA256

30a93d0475e998c61ace0c4cda62bf474303d2d85b9b07dfff7f4a2e62193481
SHA512

cb49f6ccb6be8e52dffed1deaaa368d0b64eb4c1b5ec8f1f261631224b991cb87e8448e61c4cf959ed12590d8854149bff913c6de6aef192ce4dc1eed6bbee04
SSDEEP

6144:DNMNrXvoozmsFj5tT3sF0DJ+KsFj5tT3sF:5M1FKs15tLscs15tLs

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a20f9982963e2f05dc071d503aa1fcf0.exe
- Size
  
  364KB
- MD5
  
  a20f9982963e2f05dc071d503aa1fcf0
- SHA1
  
  783b827df4207b05e986814780a47e3192a4293f
- SHA256
  
  30a93d0475e998c61ace0c4cda62bf474303d2d85b9b07dfff7f4a2e62193481
- SHA512
  
  cb49f6ccb6be8e52dffed1deaaa368d0b64eb4c1b5ec8f1f261631224b991cb87e8448e61c4cf959ed12590d8854149bff913c6de6aef192ce4dc1eed6bbee04
- SSDEEP
  
  6144:DNMNrXvoozmsFj5tT3sF0DJ+KsFj5tT3sF:5M1FKs15tLscs15tLs
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2