6cc9ba60abdc74e7c384ab520f9dee7462f96f63b973fbe0e9cf962c54f59b12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d18ee44c816f01f7568efdd633071e40.exe
Size

96KB
Sample

231021-1d4amshg8s
MD5

d18ee44c816f01f7568efdd633071e40
SHA1

0f88eaae0e9624f9a318932b2485c73c8a72a079
SHA256

6cc9ba60abdc74e7c384ab520f9dee7462f96f63b973fbe0e9cf962c54f59b12
SHA512

144e47a69a998c9b04257ed22d0c46e200c33f87cfbc99ca1cbba0bcccb7ad42d4a41dd76103d9d74942ff5ada92153e3bcf32d33ff92b09d3f1cc5e9177180d
SSDEEP

1536:/ca5KDPrSBm+7JSVu0CbpyYBO2Lw7RZObZUUWaegPYA:UagrGm+6u04pyMwClUUWae

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d18ee44c816f01f7568efdd633071e40.exe
- Size
  
  96KB
- MD5
  
  d18ee44c816f01f7568efdd633071e40
- SHA1
  
  0f88eaae0e9624f9a318932b2485c73c8a72a079
- SHA256
  
  6cc9ba60abdc74e7c384ab520f9dee7462f96f63b973fbe0e9cf962c54f59b12
- SHA512
  
  144e47a69a998c9b04257ed22d0c46e200c33f87cfbc99ca1cbba0bcccb7ad42d4a41dd76103d9d74942ff5ada92153e3bcf32d33ff92b09d3f1cc5e9177180d
- SSDEEP
  
  1536:/ca5KDPrSBm+7JSVu0CbpyYBO2Lw7RZObZUUWaegPYA:UagrGm+6u04pyMwClUUWae
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2