81329cd5acf4b5a5852093b37d3ccf4627999f0d1c4a25aa1f0afea36fe49016 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d7993734dacfec11d08c8f00097eb430.exe
Size

60KB
Sample

231013-zh94babc54
MD5

d7993734dacfec11d08c8f00097eb430
SHA1

e1e0c2c37566eb82b712102ad775c25d2060799b
SHA256

81329cd5acf4b5a5852093b37d3ccf4627999f0d1c4a25aa1f0afea36fe49016
SHA512

7474576b8c79e8c81eecb6a84e9cd494a57dc26d147621e98b1615b7e91f89b1b6a0dae1f631a3abbf03c7219110222812c3677930247de1e12cbbd06afa9ffe
SSDEEP

192:vbOzawOs81elJHsc45CcRZOgtShcWaOT2QLrCqwdY04/CFxyNhoy5t:vbLwOs8AHsc4sMfwhKQLroP4/CFsrd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d7993734dacfec11d08c8f00097eb430.exe
- Size
  
  60KB
- MD5
  
  d7993734dacfec11d08c8f00097eb430
- SHA1
  
  e1e0c2c37566eb82b712102ad775c25d2060799b
- SHA256
  
  81329cd5acf4b5a5852093b37d3ccf4627999f0d1c4a25aa1f0afea36fe49016
- SHA512
  
  7474576b8c79e8c81eecb6a84e9cd494a57dc26d147621e98b1615b7e91f89b1b6a0dae1f631a3abbf03c7219110222812c3677930247de1e12cbbd06afa9ffe
- SSDEEP
  
  192:vbOzawOs81elJHsc45CcRZOgtShcWaOT2QLrCqwdY04/CFxyNhoy5t:vbLwOs8AHsc4sMfwhKQLroP4/CFsrd
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2