f4ee8b1f64268d1e10bd68a82c5d7d027ede74ca5d42212670a04a44289a945e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d47a2b8129f71c7c1b3f86aafe76ac20.exe
Size

296KB
Sample

231013-zhyehsba29
MD5

d47a2b8129f71c7c1b3f86aafe76ac20
SHA1

040b897b58a3d49d9ab33e5a6ca8fe9443e54fc0
SHA256

f4ee8b1f64268d1e10bd68a82c5d7d027ede74ca5d42212670a04a44289a945e
SHA512

52b6c6f3f07217ed22b70cac94cf9249df0031830bbb19a3c5c539b8bfe5d1b8a97e31bdedb97e166e98bc7121c812dda97af1466c833ab7a780d95bd0dc6d7d
SSDEEP

3072:N8Pf3CQHoo9eHaYqfYkH4uKY/gH2ARA1+6NhZ6P0c9fpxg6pg:N8IeMqf5d2cNPKG6g

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d47a2b8129f71c7c1b3f86aafe76ac20.exe
- Size
  
  296KB
- MD5
  
  d47a2b8129f71c7c1b3f86aafe76ac20
- SHA1
  
  040b897b58a3d49d9ab33e5a6ca8fe9443e54fc0
- SHA256
  
  f4ee8b1f64268d1e10bd68a82c5d7d027ede74ca5d42212670a04a44289a945e
- SHA512
  
  52b6c6f3f07217ed22b70cac94cf9249df0031830bbb19a3c5c539b8bfe5d1b8a97e31bdedb97e166e98bc7121c812dda97af1466c833ab7a780d95bd0dc6d7d
- SSDEEP
  
  3072:N8Pf3CQHoo9eHaYqfYkH4uKY/gH2ARA1+6NhZ6P0c9fpxg6pg:N8IeMqf5d2cNPKG6g
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2