5dd4e04ca41e448431a1b6b75be8a67d3ce208e2abcf7dfcb45f032e8cdbe533 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bd31ad140f9dab0a2c81cc3608fc4c20.exe
Size

79KB
Sample

231013-zegycsha74
MD5

bd31ad140f9dab0a2c81cc3608fc4c20
SHA1

4d989be6137e41e29861ff268c42cb8634a3022b
SHA256

5dd4e04ca41e448431a1b6b75be8a67d3ce208e2abcf7dfcb45f032e8cdbe533
SHA512

89a173e36c2f7a6342de5ffb1c6c411caf176f89d8ae562b75b37c81d81db702466861c1117d2fd4b367e09521cddabfcce9f8016a8bfd6061d3faf9b67d48e8
SSDEEP

1536:bLAmfZHQhgPlfTDEvxV769jpnUEniFkSIgiItKq9v6DK:bkmfZHQhgPl7DEvx43UEnixtBtKq9vV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.bd31ad140f9dab0a2c81cc3608fc4c20.exe
- Size
  
  79KB
- MD5
  
  bd31ad140f9dab0a2c81cc3608fc4c20
- SHA1
  
  4d989be6137e41e29861ff268c42cb8634a3022b
- SHA256
  
  5dd4e04ca41e448431a1b6b75be8a67d3ce208e2abcf7dfcb45f032e8cdbe533
- SHA512
  
  89a173e36c2f7a6342de5ffb1c6c411caf176f89d8ae562b75b37c81d81db702466861c1117d2fd4b367e09521cddabfcce9f8016a8bfd6061d3faf9b67d48e8
- SSDEEP
  
  1536:bLAmfZHQhgPlfTDEvxV769jpnUEniFkSIgiItKq9v6DK:bkmfZHQhgPl7DEvx43UEnixtBtKq9vV
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2