61b44f60b62fd8ef1ab86bf7be9c1ecdcf5230b41e2f5f6b419ab1317ab8642d | Triage

Sharing

General

Target

NEAS.bf893707505ba989b6616fbc05343760.exe
Size

66KB
Sample

231016-w8qwkscb97
MD5

bf893707505ba989b6616fbc05343760
SHA1

9a5c99654686170f5d2bd0a7ddc06219eaac44bd
SHA256

61b44f60b62fd8ef1ab86bf7be9c1ecdcf5230b41e2f5f6b419ab1317ab8642d
SHA512

e94bcabd9d6432be0c3de82053b9292f114500bd1d7c1a782ef1a7950af11d154e86224b96b7036330c05248a83ee3627d65b4cd030fd2febe10dc296ce9eadb
SSDEEP

1536:3UHYo5arwfSJpgGRhS/tveE2pPDRKonsMRa5/UE2UIdgJbm:3UHY7fgGKwDRKQ8aiJbm

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  NEAS.bf893707505ba989b6616fbc05343760.exe
- Size
  
  66KB
- MD5
  
  bf893707505ba989b6616fbc05343760
- SHA1
  
  9a5c99654686170f5d2bd0a7ddc06219eaac44bd
- SHA256
  
  61b44f60b62fd8ef1ab86bf7be9c1ecdcf5230b41e2f5f6b419ab1317ab8642d
- SHA512
  
  e94bcabd9d6432be0c3de82053b9292f114500bd1d7c1a782ef1a7950af11d154e86224b96b7036330c05248a83ee3627d65b4cd030fd2febe10dc296ce9eadb
- SSDEEP
  
  1536:3UHYo5arwfSJpgGRhS/tveE2pPDRKonsMRa5/UE2UIdgJbm:3UHY7fgGKwDRKQ8aiJbm
Score

8^/10

discovery
- Contacts a large (548) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2