e05f4ce2602ef0e7d507a32c542f208ce459b46cb1322c24d68102328d71c7f5 | Triage

Sharing

General

Target

NEAS.c6e1b44f11eb872cef47463c89600330.exe
Size

144KB
Sample

231016-w9l9sacf73
MD5

c6e1b44f11eb872cef47463c89600330
SHA1

ab9832bb4a16e52c38121dec9decd88068e279d5
SHA256

e05f4ce2602ef0e7d507a32c542f208ce459b46cb1322c24d68102328d71c7f5
SHA512

2e091fd5d5b3ef5f6e28dffa95f5a82e38aa4a5542ceefffc07ca9878b7bc1da9bf1992c256bf5530fc8319b0fb8460161e1c4d672c95bec3447f3e8f698ff3c
SSDEEP

3072:awfsct/49lNtAcDfgdDK5DQzdH13+EE+RaZ6r+GDZnBcVU:a3849dAcDf7Qzd5IF6rfBBcVU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c6e1b44f11eb872cef47463c89600330.exe
- Size
  
  144KB
- MD5
  
  c6e1b44f11eb872cef47463c89600330
- SHA1
  
  ab9832bb4a16e52c38121dec9decd88068e279d5
- SHA256
  
  e05f4ce2602ef0e7d507a32c542f208ce459b46cb1322c24d68102328d71c7f5
- SHA512
  
  2e091fd5d5b3ef5f6e28dffa95f5a82e38aa4a5542ceefffc07ca9878b7bc1da9bf1992c256bf5530fc8319b0fb8460161e1c4d672c95bec3447f3e8f698ff3c
- SSDEEP
  
  3072:awfsct/49lNtAcDfgdDK5DQzdH13+EE+RaZ6r+GDZnBcVU:a3849dAcDf7Qzd5IF6rfBBcVU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2