16df0153ecd9ad5f8249efa9df3a384699d99b6cb12fdad27e840e6e52459ea8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5aff17af101ab2965cb9c1f76dca48a0.exe
Size

59KB
Sample

231016-wzw18sfd72
MD5

5aff17af101ab2965cb9c1f76dca48a0
SHA1

7249a55f12a0365b8025c741df2a86e4d8fa9fc2
SHA256

16df0153ecd9ad5f8249efa9df3a384699d99b6cb12fdad27e840e6e52459ea8
SHA512

b605db18d6df69aec08060bfb8327a55c4ee0e543ebe1f5f2d80fb860fda39870fa00210c726cb1e2c8307d6b98a3939101568d2277904607ad642233e9d7981
SSDEEP

1536:nlPvFu0hrhsTqAZVYKrrrrrrra5q2Lj+O:nlPdumhqfk3qO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.5aff17af101ab2965cb9c1f76dca48a0.exe
- Size
  
  59KB
- MD5
  
  5aff17af101ab2965cb9c1f76dca48a0
- SHA1
  
  7249a55f12a0365b8025c741df2a86e4d8fa9fc2
- SHA256
  
  16df0153ecd9ad5f8249efa9df3a384699d99b6cb12fdad27e840e6e52459ea8
- SHA512
  
  b605db18d6df69aec08060bfb8327a55c4ee0e543ebe1f5f2d80fb860fda39870fa00210c726cb1e2c8307d6b98a3939101568d2277904607ad642233e9d7981
- SSDEEP
  
  1536:nlPvFu0hrhsTqAZVYKrrrrrrra5q2Lj+O:nlPdumhqfk3qO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2