e48a77bbb5608944bfc5e7b3d2a7c112f84fa9f1c9f430430172a93d2a28235e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e19c173f57df263cfaea8ea14e7bfae0.exe
Size

101KB
Sample

231028-y2gensdf45
MD5

e19c173f57df263cfaea8ea14e7bfae0
SHA1

b0388fa4a73382bb7d6570ab8363f51b259028f7
SHA256

e48a77bbb5608944bfc5e7b3d2a7c112f84fa9f1c9f430430172a93d2a28235e
SHA512

7b57d914ce2c92c65d0222afcea0a2add3c670e78fb009ddfb07fb197632dd706e581dbe26983bb85894090f440ad9e4ecd18d183b9d873250532055924aa668
SSDEEP

3072:jblZCNYr/uduXqbyu0sY7q5AnrHY4vDX:PlcNYr/d853Anr44vDX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e19c173f57df263cfaea8ea14e7bfae0.exe
- Size
  
  101KB
- MD5
  
  e19c173f57df263cfaea8ea14e7bfae0
- SHA1
  
  b0388fa4a73382bb7d6570ab8363f51b259028f7
- SHA256
  
  e48a77bbb5608944bfc5e7b3d2a7c112f84fa9f1c9f430430172a93d2a28235e
- SHA512
  
  7b57d914ce2c92c65d0222afcea0a2add3c670e78fb009ddfb07fb197632dd706e581dbe26983bb85894090f440ad9e4ecd18d183b9d873250532055924aa668
- SSDEEP
  
  3072:jblZCNYr/uduXqbyu0sY7q5AnrHY4vDX:PlcNYr/d853Anr44vDX
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2