98ec78af6505aa3169da0e4dc5f83130037d8106f21793efa90ce6091608760a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.de3b098d50f18d2fedd46d7087b7d3f0.exe
Size

80KB
Sample

231021-1e2hfaad9x
MD5

de3b098d50f18d2fedd46d7087b7d3f0
SHA1

337251308b8abe93a3daa41ae940ae77c245018a
SHA256

98ec78af6505aa3169da0e4dc5f83130037d8106f21793efa90ce6091608760a
SHA512

25a783bd831b356d4ea0b40269dfc3ecec8d862994be7e53d37c41c8996b0992e2bfc7c9cc4199e9433bde1720c969ec6aa42de586b232b51df02d6cd317a317
SSDEEP

1536:PXvWkzLs4YsLh8Eef9ou8w+fftFgsH3ey9c9gk5YMkhohBE8VGh:fvnLIsd8pr/wi9UAEQGh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.de3b098d50f18d2fedd46d7087b7d3f0.exe
- Size
  
  80KB
- MD5
  
  de3b098d50f18d2fedd46d7087b7d3f0
- SHA1
  
  337251308b8abe93a3daa41ae940ae77c245018a
- SHA256
  
  98ec78af6505aa3169da0e4dc5f83130037d8106f21793efa90ce6091608760a
- SHA512
  
  25a783bd831b356d4ea0b40269dfc3ecec8d862994be7e53d37c41c8996b0992e2bfc7c9cc4199e9433bde1720c969ec6aa42de586b232b51df02d6cd317a317
- SSDEEP
  
  1536:PXvWkzLs4YsLh8Eef9ou8w+fftFgsH3ey9c9gk5YMkhohBE8VGh:fvnLIsd8pr/wi9UAEQGh
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2