d6e2c09c8162c270aae18ebf4e7dcf44e5a3b64f5aa47a77159f282b0183b82f | Triage

Sharing

General

Target

NEAS.c08eaa4e142c624d76a5f10f28849560.exe
Size

459KB
Sample

231013-zetl6afc8s
MD5

c08eaa4e142c624d76a5f10f28849560
SHA1

5c5d1919910aaabc51e73e07c4cf6406b4ecde47
SHA256

d6e2c09c8162c270aae18ebf4e7dcf44e5a3b64f5aa47a77159f282b0183b82f
SHA512

2aeb43ac797f1097f6b1a3b457f7e25164098977424c3a60a1a2fa7c88494d02737e8eab0c9f77ce55c52a38f455783dbdf2ab3254e9e5b8808f9d508017440b
SSDEEP

12288:Oe6MuUo8MmmpNs/VXMmmg8MmmpNs/VXMmm:nuUqEdAgxEdA

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c08eaa4e142c624d76a5f10f28849560.exe
- Size
  
  459KB
- MD5
  
  c08eaa4e142c624d76a5f10f28849560
- SHA1
  
  5c5d1919910aaabc51e73e07c4cf6406b4ecde47
- SHA256
  
  d6e2c09c8162c270aae18ebf4e7dcf44e5a3b64f5aa47a77159f282b0183b82f
- SHA512
  
  2aeb43ac797f1097f6b1a3b457f7e25164098977424c3a60a1a2fa7c88494d02737e8eab0c9f77ce55c52a38f455783dbdf2ab3254e9e5b8808f9d508017440b
- SSDEEP
  
  12288:Oe6MuUo8MmmpNs/VXMmmg8MmmpNs/VXMmm:nuUqEdAgxEdA
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2