263b19d925ce335bd1e828d4c8993b3ea4d98788c2aa8e420031ce9d3428f86d | Triage

Sharing

General

Target

NEAS.d887cb4be31a6e7770e3b445577531a0.exe
Size

323KB
Sample

231021-1enatabh68
MD5

d887cb4be31a6e7770e3b445577531a0
SHA1

f8ac9e138029f5fad03ce585a4a980da6ebb731d
SHA256

263b19d925ce335bd1e828d4c8993b3ea4d98788c2aa8e420031ce9d3428f86d
SHA512

ce204e06cd53cfef60ca76f18d935e7316ae5864378dd1c3796c2c186f1e00d7e5538f240d54fbb561ea0a08c318e3776ffcc9496b6aa1a89f31a816454263a6
SSDEEP

6144:7lBHAK0alljd3rKzwN8Jlljd3njPX9ZAk3fs:7QmjpKXjtjP9Zt0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d887cb4be31a6e7770e3b445577531a0.exe
- Size
  
  323KB
- MD5
  
  d887cb4be31a6e7770e3b445577531a0
- SHA1
  
  f8ac9e138029f5fad03ce585a4a980da6ebb731d
- SHA256
  
  263b19d925ce335bd1e828d4c8993b3ea4d98788c2aa8e420031ce9d3428f86d
- SHA512
  
  ce204e06cd53cfef60ca76f18d935e7316ae5864378dd1c3796c2c186f1e00d7e5538f240d54fbb561ea0a08c318e3776ffcc9496b6aa1a89f31a816454263a6
- SSDEEP
  
  6144:7lBHAK0alljd3rKzwN8Jlljd3njPX9ZAk3fs:7QmjpKXjtjP9Zt0
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2