4795d42b6d451becb7fc7225ce4b2814119708389b2cf690378a424be711dd13 | Triage

Sharing

General

Target

NEAS.549d3d93a3c4f43d6276dd714bd15a90.exe
Size

164KB
Sample

231014-whgvzsae71
MD5

549d3d93a3c4f43d6276dd714bd15a90
SHA1

9f6c12b8d220bfb65b5c1682e3b39f452fa47bb1
SHA256

4795d42b6d451becb7fc7225ce4b2814119708389b2cf690378a424be711dd13
SHA512

e47ef14a23a655747409705bc9760ec1cfbba0177c853f3dc43cb2ec3e4059992d2bcd6724566cf1e749cdcc6b8cc48746a5ab63735e9fe417a41fcd476049ea
SSDEEP

3072:Gn+d96zYFzpCS10dvhkGFWBQTI08uFafmHURHAVgnvedh6DRyU:GmKYFzZIvGnwI08uF8YU8gnve7GR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.549d3d93a3c4f43d6276dd714bd15a90.exe
- Size
  
  164KB
- MD5
  
  549d3d93a3c4f43d6276dd714bd15a90
- SHA1
  
  9f6c12b8d220bfb65b5c1682e3b39f452fa47bb1
- SHA256
  
  4795d42b6d451becb7fc7225ce4b2814119708389b2cf690378a424be711dd13
- SHA512
  
  e47ef14a23a655747409705bc9760ec1cfbba0177c853f3dc43cb2ec3e4059992d2bcd6724566cf1e749cdcc6b8cc48746a5ab63735e9fe417a41fcd476049ea
- SSDEEP
  
  3072:Gn+d96zYFzpCS10dvhkGFWBQTI08uFafmHURHAVgnvedh6DRyU:GmKYFzZIvGnwI08uF8YU8gnve7GR
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2