80fa7e0d7e39e56d8efb5b6d2781c517931668f555b6f1cbd6c5cfdd4a878ef0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5d4e8f0c30165bcc556bfadf1d9b32f0.exe
Size

385KB
Sample

231014-wh8npscf96
MD5

5d4e8f0c30165bcc556bfadf1d9b32f0
SHA1

98cbf1bbd4a9611c73fc3b625e8e832b9541e984
SHA256

80fa7e0d7e39e56d8efb5b6d2781c517931668f555b6f1cbd6c5cfdd4a878ef0
SHA512

d3fc8c82a2e61d8dbca78b7686a041d82dc6f355dc09fd319af15f414d98530599821bdb94a7a3355c3b39b4eabd46f3145f81d610c5e5cf3c7670fda7dc9d5d
SSDEEP

3072:I+IMXO6oSnW42JLEGLTePNVAURfE+HXAB0kCySYo0CkkhHs4WfOoKc:I+IMe6oSWlfwNRs+HXc0uo0CkkW1f

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.5d4e8f0c30165bcc556bfadf1d9b32f0.exe
- Size
  
  385KB
- MD5
  
  5d4e8f0c30165bcc556bfadf1d9b32f0
- SHA1
  
  98cbf1bbd4a9611c73fc3b625e8e832b9541e984
- SHA256
  
  80fa7e0d7e39e56d8efb5b6d2781c517931668f555b6f1cbd6c5cfdd4a878ef0
- SHA512
  
  d3fc8c82a2e61d8dbca78b7686a041d82dc6f355dc09fd319af15f414d98530599821bdb94a7a3355c3b39b4eabd46f3145f81d610c5e5cf3c7670fda7dc9d5d
- SSDEEP
  
  3072:I+IMXO6oSnW42JLEGLTePNVAURfE+HXAB0kCySYo0CkkhHs4WfOoKc:I+IMe6oSWlfwNRs+HXc0uo0CkkW1f
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2