6630e0fc168c03fc3758f7a7fdb8470a484a3a63043bb8b18663650d66f8e598 | Triage

Sharing

General

Target

NEAS.b661ab0fdbe8a28391a973329f575ef0.exe
Size

125KB
Sample

231013-zdqh4sed8z
MD5

b661ab0fdbe8a28391a973329f575ef0
SHA1

27597b4d5b38050da203445a671ec1467dfc7c83
SHA256

6630e0fc168c03fc3758f7a7fdb8470a484a3a63043bb8b18663650d66f8e598
SHA512

dff2ca316804e2a5bc9119e2d3c25a836e81c8e5b8f44c184ba6eab4d8cde7f779e1db9150438246b1b96fb2d3ac527fb6de32fd7a18099b60ab46e95e3e1f84
SSDEEP

3072:UYRvW0+4QNoEuPnYG5Tudp6nicf1WdTCn93OGey/ZhJakrPF:UW9+4QOEuPYGUwnicQTCndOGeKTaG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b661ab0fdbe8a28391a973329f575ef0.exe
- Size
  
  125KB
- MD5
  
  b661ab0fdbe8a28391a973329f575ef0
- SHA1
  
  27597b4d5b38050da203445a671ec1467dfc7c83
- SHA256
  
  6630e0fc168c03fc3758f7a7fdb8470a484a3a63043bb8b18663650d66f8e598
- SHA512
  
  dff2ca316804e2a5bc9119e2d3c25a836e81c8e5b8f44c184ba6eab4d8cde7f779e1db9150438246b1b96fb2d3ac527fb6de32fd7a18099b60ab46e95e3e1f84
- SSDEEP
  
  3072:UYRvW0+4QNoEuPnYG5Tudp6nicf1WdTCn93OGey/ZhJakrPF:UW9+4QOEuPYGUwnicQTCndOGeKTaG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2