fbd5e71d65d636910a468991707d4a98a4b6d2c2042a21ea33a6d3ed8a440a7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.922f386f6958b059127b52a5626f2310.exe
Size

144KB
Sample

231028-ypmqxsag66
MD5

922f386f6958b059127b52a5626f2310
SHA1

61f2227783da33f4973637c50806b4126772e31c
SHA256

fbd5e71d65d636910a468991707d4a98a4b6d2c2042a21ea33a6d3ed8a440a7e
SHA512

36ecd5e5e32846ed849bcdb29d403145134b4eac216de237e54fbb8ce28ff859d56d4ba2f8361ba131eca2f1a8352dbde9b624d884fc1af94276dc9862e25ff1
SSDEEP

3072:I5aiXWmfJkFw2ffzdH13+EE+RaZ6r+GDZnBcVU:I5aeWmfJkFw2ffzd5IF6rfBBcVU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.922f386f6958b059127b52a5626f2310.exe
- Size
  
  144KB
- MD5
  
  922f386f6958b059127b52a5626f2310
- SHA1
  
  61f2227783da33f4973637c50806b4126772e31c
- SHA256
  
  fbd5e71d65d636910a468991707d4a98a4b6d2c2042a21ea33a6d3ed8a440a7e
- SHA512
  
  36ecd5e5e32846ed849bcdb29d403145134b4eac216de237e54fbb8ce28ff859d56d4ba2f8361ba131eca2f1a8352dbde9b624d884fc1af94276dc9862e25ff1
- SSDEEP
  
  3072:I5aiXWmfJkFw2ffzdH13+EE+RaZ6r+GDZnBcVU:I5aeWmfJkFw2ffzd5IF6rfBBcVU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2