54d529c60dcc31c3f53de49b9ef4897d570ba064d6c3ddad1281f9049431a07c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a002ad0684aa939abed94368f6ca9060.exe
Size

135KB
Sample

231013-zbvp2sfa66
MD5

a002ad0684aa939abed94368f6ca9060
SHA1

71ee99fe42621d5c4a19bad8abadd81db86adbb2
SHA256

54d529c60dcc31c3f53de49b9ef4897d570ba064d6c3ddad1281f9049431a07c
SHA512

91f8e4f95596ae033521f123a8d8ed1dc68b64c8434ce816426a31fe9e9e809076044ef67c8f282aae9d1be2c2df1106b8c008fde7132e7257f0e0484c4f7807
SSDEEP

1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVH1:UVqoCl/YgjxEufVU0TbTyDDalJ1

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  NEAS.a002ad0684aa939abed94368f6ca9060.exe
- Size
  
  135KB
- MD5
  
  a002ad0684aa939abed94368f6ca9060
- SHA1
  
  71ee99fe42621d5c4a19bad8abadd81db86adbb2
- SHA256
  
  54d529c60dcc31c3f53de49b9ef4897d570ba064d6c3ddad1281f9049431a07c
- SHA512
  
  91f8e4f95596ae033521f123a8d8ed1dc68b64c8434ce816426a31fe9e9e809076044ef67c8f282aae9d1be2c2df1106b8c008fde7132e7257f0e0484c4f7807
- SSDEEP
  
  1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVH1:UVqoCl/YgjxEufVU0TbTyDDalJ1
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence