3501ed903397f856c2296cba0b145627c210571fc5ee13c096f83835ca16749f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.254f7b01c1eba9de35ad2f5b66bb70c0.exe
Size

117KB
Sample

231021-z35dkadb88
MD5

254f7b01c1eba9de35ad2f5b66bb70c0
SHA1

429d783d59480d6ffe3f5aa6cb83490ca2fab4b5
SHA256

3501ed903397f856c2296cba0b145627c210571fc5ee13c096f83835ca16749f
SHA512

b035507469a9772d4a0bc8902a2d235e94ad7a3dc2c634501259fbbc6bb2d4dbe1fa28aa55fc6d15b8f14b60332d76d9c025caa3e47cb68ff17327a9cba69ae5
SSDEEP

3072:FlnnJBSX1nV1b1N1Il1k1YFI1x1J1MuEqx517Q/1T1Jzct01Nbnl1RRhCHODpOJ+:zw6P

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.254f7b01c1eba9de35ad2f5b66bb70c0.exe
- Size
  
  117KB
- MD5
  
  254f7b01c1eba9de35ad2f5b66bb70c0
- SHA1
  
  429d783d59480d6ffe3f5aa6cb83490ca2fab4b5
- SHA256
  
  3501ed903397f856c2296cba0b145627c210571fc5ee13c096f83835ca16749f
- SHA512
  
  b035507469a9772d4a0bc8902a2d235e94ad7a3dc2c634501259fbbc6bb2d4dbe1fa28aa55fc6d15b8f14b60332d76d9c025caa3e47cb68ff17327a9cba69ae5
- SSDEEP
  
  3072:FlnnJBSX1nV1b1N1Il1k1YFI1x1J1MuEqx517Q/1T1Jzct01Nbnl1RRhCHODpOJ+:zw6P
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2