f40de8dae68db35041a926ecfcfca8af9f4f9b9efef4474fb146ba782c324fc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c46120fb16afaf9305198fec2cae6a40.exe
Size

163KB
Sample

231028-yzjf9aaf7x
MD5

c46120fb16afaf9305198fec2cae6a40
SHA1

ffdd420aa86e8361fb4c67d307956e0ccd979e68
SHA256

f40de8dae68db35041a926ecfcfca8af9f4f9b9efef4474fb146ba782c324fc8
SHA512

7d9eec9b123bd020ca40770f70abf4a31c6194eb1d46f6480b569747a7152e8a4d614d0c36fc7a930e9abff12dfb43ebcb9af7c59cd797fefab74b8e276f40f8
SSDEEP

3072:JjnaOOgztVt+Mw3WibWH8RLZDEn5/n6l2ccz/dJEfa:Rna0Zw3WyWH8RLZDE5vhcc7d8a

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c46120fb16afaf9305198fec2cae6a40.exe
- Size
  
  163KB
- MD5
  
  c46120fb16afaf9305198fec2cae6a40
- SHA1
  
  ffdd420aa86e8361fb4c67d307956e0ccd979e68
- SHA256
  
  f40de8dae68db35041a926ecfcfca8af9f4f9b9efef4474fb146ba782c324fc8
- SHA512
  
  7d9eec9b123bd020ca40770f70abf4a31c6194eb1d46f6480b569747a7152e8a4d614d0c36fc7a930e9abff12dfb43ebcb9af7c59cd797fefab74b8e276f40f8
- SSDEEP
  
  3072:JjnaOOgztVt+Mw3WibWH8RLZDEn5/n6l2ccz/dJEfa:Rna0Zw3WyWH8RLZDE5vhcc7d8a
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2