92a5287c932f37895fa2d3a1f366699c6acda7f4e9f62f89c5964d2424004427 | Triage

Sharing

General

Target

NEAS.e4d1106a859c1cee860cce21d66b61f0.exe
Size

315KB
Sample

231014-j8jq2sbd62
MD5

e4d1106a859c1cee860cce21d66b61f0
SHA1

8b86c29e6de2c9706110eb3f5243b913a6d01ffd
SHA256

92a5287c932f37895fa2d3a1f366699c6acda7f4e9f62f89c5964d2424004427
SHA512

d804cb75931b55165532a39922be4bff3c605c6d7cd27a716ef6216c3f5649b695ce75c82e7ff20444db4e82ed496e4af000e780e4bf190e6a2b878f8a44e4b7
SSDEEP

3072:bATYR6PDNq+tq749+f4auvZ7LC4ZR4mqmnKBstqBiPXPAPePdfVQ:02WNq+tqI+stesMmG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e4d1106a859c1cee860cce21d66b61f0.exe
- Size
  
  315KB
- MD5
  
  e4d1106a859c1cee860cce21d66b61f0
- SHA1
  
  8b86c29e6de2c9706110eb3f5243b913a6d01ffd
- SHA256
  
  92a5287c932f37895fa2d3a1f366699c6acda7f4e9f62f89c5964d2424004427
- SHA512
  
  d804cb75931b55165532a39922be4bff3c605c6d7cd27a716ef6216c3f5649b695ce75c82e7ff20444db4e82ed496e4af000e780e4bf190e6a2b878f8a44e4b7
- SSDEEP
  
  3072:bATYR6PDNq+tq749+f4auvZ7LC4ZR4mqmnKBstqBiPXPAPePdfVQ:02WNq+tqI+stesMmG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2