4b703d88d5d26807a4f309c0ca150b8545ddfadf397dfa7821c63ff8b2d525e0 | Triage

Sharing

General

Target

NEAS.b1351ad94788c6d49d38cfdba6613080.exe
Size

121KB
Sample

231014-xttvcsgf95
MD5

b1351ad94788c6d49d38cfdba6613080
SHA1

17c20ca7a6ee1dbd786d74edea86ac7afade71ef
SHA256

4b703d88d5d26807a4f309c0ca150b8545ddfadf397dfa7821c63ff8b2d525e0
SHA512

86c4a136533cba30cb142a5b852f5e9d04fc9c87bb159bcb9744f08bca061eb77be9ca052247822c039fac077caed994a30347f1c1dfa0f5f9e6c88b712cf0b9
SSDEEP

3072:iMXd+LgCUGYOVVEsoPiuPjVy2bO7AJnD5tvv:1cdsaVE3PtZrbOarvv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b1351ad94788c6d49d38cfdba6613080.exe
- Size
  
  121KB
- MD5
  
  b1351ad94788c6d49d38cfdba6613080
- SHA1
  
  17c20ca7a6ee1dbd786d74edea86ac7afade71ef
- SHA256
  
  4b703d88d5d26807a4f309c0ca150b8545ddfadf397dfa7821c63ff8b2d525e0
- SHA512
  
  86c4a136533cba30cb142a5b852f5e9d04fc9c87bb159bcb9744f08bca061eb77be9ca052247822c039fac077caed994a30347f1c1dfa0f5f9e6c88b712cf0b9
- SSDEEP
  
  3072:iMXd+LgCUGYOVVEsoPiuPjVy2bO7AJnD5tvv:1cdsaVE3PtZrbOarvv
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2