ef2e574ca66a8ca4208aaabb0033aeba3524dcbd2bbd7f84e7ee3fb6ad502f3c | Triage

Sharing

General

Target

NEAS.f5e8e39e4d691a8b2c2cc52b5ff3a5b0.exe
Size

315KB
Sample

231028-y3ra9sch7y
MD5

f5e8e39e4d691a8b2c2cc52b5ff3a5b0
SHA1

49171364c119a2e1b3ab5b86a928fcb54373ce55
SHA256

ef2e574ca66a8ca4208aaabb0033aeba3524dcbd2bbd7f84e7ee3fb6ad502f3c
SHA512

dec2a8ef3eef51871d213b99515ef79f6dc145510a6767a15e1a79deab4b4c40a4318baf9d8b24074a5ed3c79cc485a067c054f78763f890df8a6d5755a982f0
SSDEEP

3072:gENVGS8pTH4c+Vltq749+f4auvZ7LC4ZR4mqmnKBstqBiPXPAPePdfVQ:gaV8pU/VltqI+stesMmG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.f5e8e39e4d691a8b2c2cc52b5ff3a5b0.exe
- Size
  
  315KB
- MD5
  
  f5e8e39e4d691a8b2c2cc52b5ff3a5b0
- SHA1
  
  49171364c119a2e1b3ab5b86a928fcb54373ce55
- SHA256
  
  ef2e574ca66a8ca4208aaabb0033aeba3524dcbd2bbd7f84e7ee3fb6ad502f3c
- SHA512
  
  dec2a8ef3eef51871d213b99515ef79f6dc145510a6767a15e1a79deab4b4c40a4318baf9d8b24074a5ed3c79cc485a067c054f78763f890df8a6d5755a982f0
- SSDEEP
  
  3072:gENVGS8pTH4c+Vltq749+f4auvZ7LC4ZR4mqmnKBstqBiPXPAPePdfVQ:gaV8pU/VltqI+stesMmG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2