521cdcb345d3ae0fde0bc3c6e3fdfa2816dce9fbb2bbcfcb82a62814a8f02b54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8115d0740108dce3a31e9f3f7ac798e0.exe
Size

267KB
Sample

231021-z9bd3age45
MD5

8115d0740108dce3a31e9f3f7ac798e0
SHA1

1c232d5a01b9107d4e52370ca868ed1f494520c5
SHA256

521cdcb345d3ae0fde0bc3c6e3fdfa2816dce9fbb2bbcfcb82a62814a8f02b54
SHA512

61ac24c4728a6eb0aa33e0f19dd207d4d64038d193bafa78c9c10f4f17f2fe98433dd774691ef751eaf9180431e7f862e43c756c748684df6cfb5cfd834492ba
SSDEEP

3072:WcX93xwq19gL2SjGojCJa79TBfsY5vXWqvuHcYnLzqP2QV:WcNhJgX9z9TB0YRX8n6V

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.8115d0740108dce3a31e9f3f7ac798e0.exe
- Size
  
  267KB
- MD5
  
  8115d0740108dce3a31e9f3f7ac798e0
- SHA1
  
  1c232d5a01b9107d4e52370ca868ed1f494520c5
- SHA256
  
  521cdcb345d3ae0fde0bc3c6e3fdfa2816dce9fbb2bbcfcb82a62814a8f02b54
- SHA512
  
  61ac24c4728a6eb0aa33e0f19dd207d4d64038d193bafa78c9c10f4f17f2fe98433dd774691ef751eaf9180431e7f862e43c756c748684df6cfb5cfd834492ba
- SSDEEP
  
  3072:WcX93xwq19gL2SjGojCJa79TBfsY5vXWqvuHcYnLzqP2QV:WcNhJgX9z9TB0YRX8n6V
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2