952453b000a9b232f660fcb9b84b6e9832e0aba5fc8f4a33fd5032654beb58ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e6799ba673932fb8f8c5748effc0f75b.exe
Size

3.0MB
Sample

231031-kk3ppaae3x
MD5

e6799ba673932fb8f8c5748effc0f75b
SHA1

90d0f7e4ab6f4914f661425f4a62f5bb9de713ac
SHA256

952453b000a9b232f660fcb9b84b6e9832e0aba5fc8f4a33fd5032654beb58ce
SHA512

963e6ca061fcb3d9179ac03f782c5eb5fe13135cf2af771bc252d39ffd12b7e5674563891eb78d5ed0e6fdf1fc43b6d42c8676d9c42051b76a1626e4d2985c2b
SSDEEP

49152:pZINO9Wp5UON4jvCh90mLI5TbMtjmUL0kpj7bmZfUQmcZY6sKsir3sdj8PjhROXN:v5y3KDI9pKALo5UnENsKsiQ6NJs

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e6799ba673932fb8f8c5748effc0f75b.exe
- Size
  
  3.0MB
- MD5
  
  e6799ba673932fb8f8c5748effc0f75b
- SHA1
  
  90d0f7e4ab6f4914f661425f4a62f5bb9de713ac
- SHA256
  
  952453b000a9b232f660fcb9b84b6e9832e0aba5fc8f4a33fd5032654beb58ce
- SHA512
  
  963e6ca061fcb3d9179ac03f782c5eb5fe13135cf2af771bc252d39ffd12b7e5674563891eb78d5ed0e6fdf1fc43b6d42c8676d9c42051b76a1626e4d2985c2b
- SSDEEP
  
  49152:pZINO9Wp5UON4jvCh90mLI5TbMtjmUL0kpj7bmZfUQmcZY6sKsir3sdj8PjhROXN:v5y3KDI9pKALo5UnENsKsiQ6NJs
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2