15346525932a5c204c866c5fa0ad4b0fa774974447c13a193e5b66416ebb0c7f | Triage

Sharing

General

Target

NEAS.af88fa5064893d9f2667e8588ee20890.exe
Size

343KB
Sample

231014-xtn9waeh2t
MD5

af88fa5064893d9f2667e8588ee20890
SHA1

eda813c2fba7a841dbb13e5fb1d1d9ae39525519
SHA256

15346525932a5c204c866c5fa0ad4b0fa774974447c13a193e5b66416ebb0c7f
SHA512

9feea1f0cba02a3d914e6210a252037a917efdb08d8c4c5c6e37436c4d331f1083d9f7fb341e536c2572b6e13407bdd4cc8f9e3702d714a5d3b0b0527fe4e70e
SSDEEP

6144:BEAXGYmlRLqO+uNk54t3haeTFLel6ZfoPPB2I5BjopZ7TngrVIeoKhyCjonootaP:qrYmGO+uNk54t3hJVKOfoHBfByZPgrVF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.af88fa5064893d9f2667e8588ee20890.exe
- Size
  
  343KB
- MD5
  
  af88fa5064893d9f2667e8588ee20890
- SHA1
  
  eda813c2fba7a841dbb13e5fb1d1d9ae39525519
- SHA256
  
  15346525932a5c204c866c5fa0ad4b0fa774974447c13a193e5b66416ebb0c7f
- SHA512
  
  9feea1f0cba02a3d914e6210a252037a917efdb08d8c4c5c6e37436c4d331f1083d9f7fb341e536c2572b6e13407bdd4cc8f9e3702d714a5d3b0b0527fe4e70e
- SSDEEP
  
  6144:BEAXGYmlRLqO+uNk54t3haeTFLel6ZfoPPB2I5BjopZ7TngrVIeoKhyCjonootaP:qrYmGO+uNk54t3hJVKOfoHBfByZPgrVF
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2