9002eefcc7e2f11294d5e815ea966c8ea2cd2960913538e83bb61f0559c6f1ae | Triage

Sharing

General

Target

NEAS.c78781507fe1e646ca936d1332c0db10.exe
Size

465KB
Sample

231014-xw3kaaaa99
MD5

c78781507fe1e646ca936d1332c0db10
SHA1

9c91666f052c746f66e25b480d38b237a50f7212
SHA256

9002eefcc7e2f11294d5e815ea966c8ea2cd2960913538e83bb61f0559c6f1ae
SHA512

3a7a22c3b96c04a8554b5155a8eb37ff6c8f8c326610a1359daf2c2e4f3d9d6189e4614d7eaf9c552a1d6b142a916d24b157b12b9648f3488f87c2327e0237fb
SSDEEP

12288:kTOjQPBvU35t6NSN6G5tP6sus5t6NSN6G5tooQ:WOjQPBvUWc6vc6XoQ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c78781507fe1e646ca936d1332c0db10.exe
- Size
  
  465KB
- MD5
  
  c78781507fe1e646ca936d1332c0db10
- SHA1
  
  9c91666f052c746f66e25b480d38b237a50f7212
- SHA256
  
  9002eefcc7e2f11294d5e815ea966c8ea2cd2960913538e83bb61f0559c6f1ae
- SHA512
  
  3a7a22c3b96c04a8554b5155a8eb37ff6c8f8c326610a1359daf2c2e4f3d9d6189e4614d7eaf9c552a1d6b142a916d24b157b12b9648f3488f87c2327e0237fb
- SSDEEP
  
  12288:kTOjQPBvU35t6NSN6G5tP6sus5t6NSN6G5tooQ:WOjQPBvUWc6vc6XoQ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2