99678564e8d5d17317ed045d94ac667a12dc25c6782123cc1d4bbbcc541c3638 | Triage

Sharing

General

Target

NEAS.b27c68ace2127e7841b95ffea93780a0.exe
Size

249KB
Sample

231016-w7ef6ahh3y
MD5

b27c68ace2127e7841b95ffea93780a0
SHA1

f80a7a9b3036d8c6328841a9bcc5a22c92e289ec
SHA256

99678564e8d5d17317ed045d94ac667a12dc25c6782123cc1d4bbbcc541c3638
SHA512

acdea897103be2e4265aacbf8feb4ab039151838832d9ccb40024752e280bfc191f9f9e74843028bcadef1f3db9238dce5feae133e8dd75b229abf03857d1298
SSDEEP

3072:lCU2ckYFpQPJOvh08eYUEdmjRrz3TIUV4BKxAcL5CY2VePI8C3U/XYMJ2okZk:rJFp2oa33EdGTBki5CYtI8TAokZ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b27c68ace2127e7841b95ffea93780a0.exe
- Size
  
  249KB
- MD5
  
  b27c68ace2127e7841b95ffea93780a0
- SHA1
  
  f80a7a9b3036d8c6328841a9bcc5a22c92e289ec
- SHA256
  
  99678564e8d5d17317ed045d94ac667a12dc25c6782123cc1d4bbbcc541c3638
- SHA512
  
  acdea897103be2e4265aacbf8feb4ab039151838832d9ccb40024752e280bfc191f9f9e74843028bcadef1f3db9238dce5feae133e8dd75b229abf03857d1298
- SSDEEP
  
  3072:lCU2ckYFpQPJOvh08eYUEdmjRrz3TIUV4BKxAcL5CY2VePI8C3U/XYMJ2okZk:rJFp2oa33EdGTBki5CYtI8TAokZ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2