7936f5ac7ac41757905aec291c937fce4d9edd56ed49d0fb30984fe1f89e36e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d43aa85b2cc771a3524808b72a2b6c70.exe
Size

459KB
Sample

231022-v2j9saba93
MD5

d43aa85b2cc771a3524808b72a2b6c70
SHA1

e0498f3163db530e433fcb6ae832f60be1e58ef5
SHA256

7936f5ac7ac41757905aec291c937fce4d9edd56ed49d0fb30984fe1f89e36e8
SHA512

72c2bd57831d6145ff0376944ceeade10188349c9cd61035ed8c845bd62b6af1d0b9d5c55484b234633275ef1043795704dde4b50472bb2dbdf636c4554c6006
SSDEEP

6144:gZvtS/MwGsmLrZNs/VKi/MwGsmLr5+Nod/MwGsmLrZNs/VKi/MwGsmLrRo68lS:gcMmmpNs/VXMmmg8MmmpNs/VXMmm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d43aa85b2cc771a3524808b72a2b6c70.exe
- Size
  
  459KB
- MD5
  
  d43aa85b2cc771a3524808b72a2b6c70
- SHA1
  
  e0498f3163db530e433fcb6ae832f60be1e58ef5
- SHA256
  
  7936f5ac7ac41757905aec291c937fce4d9edd56ed49d0fb30984fe1f89e36e8
- SHA512
  
  72c2bd57831d6145ff0376944ceeade10188349c9cd61035ed8c845bd62b6af1d0b9d5c55484b234633275ef1043795704dde4b50472bb2dbdf636c4554c6006
- SSDEEP
  
  6144:gZvtS/MwGsmLrZNs/VKi/MwGsmLr5+Nod/MwGsmLrZNs/VKi/MwGsmLrRo68lS:gcMmmpNs/VXMmmg8MmmpNs/VXMmm
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2