1ab1a8a161c97e357f6928d510e7505c37d0404d3717acd6bf5793f0c41cc948 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c48ac42c9b1726f2b729bf04332bc280.exe
Size

81KB
Sample

231014-xwrg1sga9s
MD5

c48ac42c9b1726f2b729bf04332bc280
SHA1

ef3eb583b2dbef1a6eda248a4f90aed8f20e220b
SHA256

1ab1a8a161c97e357f6928d510e7505c37d0404d3717acd6bf5793f0c41cc948
SHA512

91a1bdeffbd7d393663ab395191d74be772870c8bbfeb09524df936279c9d28036f28e4458d0fdf7d68a983622e658088cb22bc42b35189f0ad973614898b87e
SSDEEP

1536:nirZNDSyYOHkefKLxElzmTNYej5v7m4LO++/+1m6KadhYxU33HX0L:CZNuyYOHhfJzkYcv/LrCimBaH8UH30L

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c48ac42c9b1726f2b729bf04332bc280.exe
- Size
  
  81KB
- MD5
  
  c48ac42c9b1726f2b729bf04332bc280
- SHA1
  
  ef3eb583b2dbef1a6eda248a4f90aed8f20e220b
- SHA256
  
  1ab1a8a161c97e357f6928d510e7505c37d0404d3717acd6bf5793f0c41cc948
- SHA512
  
  91a1bdeffbd7d393663ab395191d74be772870c8bbfeb09524df936279c9d28036f28e4458d0fdf7d68a983622e658088cb22bc42b35189f0ad973614898b87e
- SSDEEP
  
  1536:nirZNDSyYOHkefKLxElzmTNYej5v7m4LO++/+1m6KadhYxU33HX0L:CZNuyYOHhfJzkYcv/LrCimBaH8UH30L
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2