ec7d5fce0da7f0940b8b5d7c96414362392999a45714c573210046a8d9450d7e | Triage

Sharing

General

Target

NEAS.521b06aa293edcd182bb96d327762360.exe
Size

207KB
Sample

231022-vv34bafb78
MD5

521b06aa293edcd182bb96d327762360
SHA1

31849c52defe64aaba55d04c07d42579aef8cfd1
SHA256

ec7d5fce0da7f0940b8b5d7c96414362392999a45714c573210046a8d9450d7e
SHA512

e5f0894bd79b361491f4b4eb007ff9c86a6bcbb497b4ca248d639b1ef28d204da5c7f6eebacc9ad0b9179655d023bc8ee9b9b794ed8e9c1de60eaca3dfff2154
SSDEEP

3072:MvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unW:MvEN2U+T6i5LirrllHy4HUcMQY6d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  NEAS.521b06aa293edcd182bb96d327762360.exe
- Size
  
  207KB
- MD5
  
  521b06aa293edcd182bb96d327762360
- SHA1
  
  31849c52defe64aaba55d04c07d42579aef8cfd1
- SHA256
  
  ec7d5fce0da7f0940b8b5d7c96414362392999a45714c573210046a8d9450d7e
- SHA512
  
  e5f0894bd79b361491f4b4eb007ff9c86a6bcbb497b4ca248d639b1ef28d204da5c7f6eebacc9ad0b9179655d023bc8ee9b9b794ed8e9c1de60eaca3dfff2154
- SSDEEP
  
  3072:MvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unW:MvEN2U+T6i5LirrllHy4HUcMQY6d
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence