4a563f7ef929cff7afbd26737030202ceb2c4136dd84b01f9764964d22f54199 | Triage

Sharing

General

Target

NEAS.61034442a9e61f3e7165bd4744d44c90.exe
Size

582KB
Sample

231022-vwlwesdg5y
MD5

61034442a9e61f3e7165bd4744d44c90
SHA1

f32f8b5394f616b4159105ca6f8338ac738d53af
SHA256

4a563f7ef929cff7afbd26737030202ceb2c4136dd84b01f9764964d22f54199
SHA512

7978d119d13841bc5c03b6364197d2e8cd2e4717d5428b703429060196163beb40f784066d90a0ffe7c4283be24daa605d87bb612790332e08751fc0ce36919a
SSDEEP

12288:EVlpGYNrekcPYNrq6+gmCAYNrekcPYNrB:EVlgakaF+gqakad

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.61034442a9e61f3e7165bd4744d44c90.exe
- Size
  
  582KB
- MD5
  
  61034442a9e61f3e7165bd4744d44c90
- SHA1
  
  f32f8b5394f616b4159105ca6f8338ac738d53af
- SHA256
  
  4a563f7ef929cff7afbd26737030202ceb2c4136dd84b01f9764964d22f54199
- SHA512
  
  7978d119d13841bc5c03b6364197d2e8cd2e4717d5428b703429060196163beb40f784066d90a0ffe7c4283be24daa605d87bb612790332e08751fc0ce36919a
- SSDEEP
  
  12288:EVlpGYNrekcPYNrq6+gmCAYNrekcPYNrB:EVlgakaF+gqakad
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2