6c33b6a874c8fb8df897ae9f5f5b84f518ae064e038ca3c69f90927d06e5ae9d | Triage

Sharing

General

Target

NEAS.e150240708555e3d163b109fb08767f2.exe
Size

327KB
Sample

231031-kk16vsad9z
MD5

e150240708555e3d163b109fb08767f2
SHA1

2580eb8554733b431c94ff28bbabc996e2b76246
SHA256

6c33b6a874c8fb8df897ae9f5f5b84f518ae064e038ca3c69f90927d06e5ae9d
SHA512

3f91f84997b8c673c5479d95d4df8dad4dfa787938021b31d3de0b59d33aea5be0f07f93ea00fe88a50398e0611ba4b8505110e6c0405972459e7665aa22e525
SSDEEP

3072:qw3+xyhplII8EwCEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEESLjb5m0t4r+/z+pdu:l3+kII/sj0+r+Mds9BY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e150240708555e3d163b109fb08767f2.exe
- Size
  
  327KB
- MD5
  
  e150240708555e3d163b109fb08767f2
- SHA1
  
  2580eb8554733b431c94ff28bbabc996e2b76246
- SHA256
  
  6c33b6a874c8fb8df897ae9f5f5b84f518ae064e038ca3c69f90927d06e5ae9d
- SHA512
  
  3f91f84997b8c673c5479d95d4df8dad4dfa787938021b31d3de0b59d33aea5be0f07f93ea00fe88a50398e0611ba4b8505110e6c0405972459e7665aa22e525
- SSDEEP
  
  3072:qw3+xyhplII8EwCEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEESLjb5m0t4r+/z+pdu:l3+kII/sj0+r+Mds9BY
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2