63cf8a2e6f3311c2e5e3d763e496169a4de794c0c058d8a185a94fbfd504f091 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9594db628bb98e10276ef0a10db8aff0.exe
Size

98KB
Sample

231022-vysrrafc71
MD5

9594db628bb98e10276ef0a10db8aff0
SHA1

4efbd2f53af7333c6404be4823e0319e9041d519
SHA256

63cf8a2e6f3311c2e5e3d763e496169a4de794c0c058d8a185a94fbfd504f091
SHA512

72e415ea33b207cd0a1fa4f4582f36c25cd7ea32a6741c0558735f47a25151f1081e81c711972dd608ea7967a1b3590e93824ca9284cf92ce94450e7380204a0
SSDEEP

3072:l6R4fGd5/0JqqvkEfeFKPD375lHzpa1P:lW1sxkEfeYr75lHzpaF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.9594db628bb98e10276ef0a10db8aff0.exe
- Size
  
  98KB
- MD5
  
  9594db628bb98e10276ef0a10db8aff0
- SHA1
  
  4efbd2f53af7333c6404be4823e0319e9041d519
- SHA256
  
  63cf8a2e6f3311c2e5e3d763e496169a4de794c0c058d8a185a94fbfd504f091
- SHA512
  
  72e415ea33b207cd0a1fa4f4582f36c25cd7ea32a6741c0558735f47a25151f1081e81c711972dd608ea7967a1b3590e93824ca9284cf92ce94450e7380204a0
- SSDEEP
  
  3072:l6R4fGd5/0JqqvkEfeFKPD375lHzpa1P:lW1sxkEfeYr75lHzpaF
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2