f9fa08fcda1c2f248833de86292e987aff042f3ba72c4a8f7a0ca64ad9fffe7a | Triage

Sharing

General

Target

NEAS.b9dedc740ca308e33a7a3220e3fcd400.exe
Size

384KB
Sample

231013-zd347sgf79
MD5

b9dedc740ca308e33a7a3220e3fcd400
SHA1

e286ca3f25d2af3dffd397b2badb42cba8d96384
SHA256

f9fa08fcda1c2f248833de86292e987aff042f3ba72c4a8f7a0ca64ad9fffe7a
SHA512

a0f0d924cd8a785a9fe136f6e9ee818176ad77b9f290bd03eb2d559e3eb7cf73571e8256e66cd8f5577cbba3983dc41982300e3f937528d6b359daca6a741e0e
SSDEEP

6144:7itAHrRa0MopRefFctRs+HLlD0rN2ZwVht740PU:7itAHr00MopgfgHpoxsoU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b9dedc740ca308e33a7a3220e3fcd400.exe
- Size
  
  384KB
- MD5
  
  b9dedc740ca308e33a7a3220e3fcd400
- SHA1
  
  e286ca3f25d2af3dffd397b2badb42cba8d96384
- SHA256
  
  f9fa08fcda1c2f248833de86292e987aff042f3ba72c4a8f7a0ca64ad9fffe7a
- SHA512
  
  a0f0d924cd8a785a9fe136f6e9ee818176ad77b9f290bd03eb2d559e3eb7cf73571e8256e66cd8f5577cbba3983dc41982300e3f937528d6b359daca6a741e0e
- SSDEEP
  
  6144:7itAHrRa0MopRefFctRs+HLlD0rN2ZwVht740PU:7itAHr00MopgfgHpoxsoU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2