b397495357b693e79a68656cb834b453a23e25b51db97b94f0be2ede683a6281 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cee8fd03dc40b5556976179d8be13390.exe
Size

288KB
Sample

231028-yz68babb5z
MD5

cee8fd03dc40b5556976179d8be13390
SHA1

70d6e8bd60627492bb6f321fbcbaa7f7678b8dbd
SHA256

b397495357b693e79a68656cb834b453a23e25b51db97b94f0be2ede683a6281
SHA512

4184c51c680b37de477b1d2d6852597228a030217c9303b4a206d477eeb40972688524da0a6704f6a2ff20b7f31d3cf2721ebc902957ec8788e77d67fad118b1
SSDEEP

6144:d3igRSBz5IIR+P2sz5SQUyi1VhEl7baEZlbYnHeo/FcwTXS+tq:dygRSBaosjUyiPhElyE/bYHB/FciX5q

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.cee8fd03dc40b5556976179d8be13390.exe
- Size
  
  288KB
- MD5
  
  cee8fd03dc40b5556976179d8be13390
- SHA1
  
  70d6e8bd60627492bb6f321fbcbaa7f7678b8dbd
- SHA256
  
  b397495357b693e79a68656cb834b453a23e25b51db97b94f0be2ede683a6281
- SHA512
  
  4184c51c680b37de477b1d2d6852597228a030217c9303b4a206d477eeb40972688524da0a6704f6a2ff20b7f31d3cf2721ebc902957ec8788e77d67fad118b1
- SSDEEP
  
  6144:d3igRSBz5IIR+P2sz5SQUyi1VhEl7baEZlbYnHeo/FcwTXS+tq:dygRSBaosjUyiPhElyE/bYHB/FciX5q
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2