89bcfc3efe54e1026b753aba7e0de10f1f99c3e1b471f781793f18c55064c69a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e9f691f972be78ac21fb646b8fe21861.exe
Size

279KB
Sample

231031-kk4a8acf27
MD5

e9f691f972be78ac21fb646b8fe21861
SHA1

e752ca5ae386b1a6ddfb1cd3a347d5e118b6b4e5
SHA256

89bcfc3efe54e1026b753aba7e0de10f1f99c3e1b471f781793f18c55064c69a
SHA512

fd573a9ff81479934ea04fbaf944a1fbc58007926c2eb6da8a38954e6b7a94a56e60ce9d96148fbb02369b598554bf205a2cbd01b15bd4409dcc21822e78d3ef
SSDEEP

6144:SGNSWMnbJ25CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWD2/P:SOSlIFHRFbe73

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e9f691f972be78ac21fb646b8fe21861.exe
- Size
  
  279KB
- MD5
  
  e9f691f972be78ac21fb646b8fe21861
- SHA1
  
  e752ca5ae386b1a6ddfb1cd3a347d5e118b6b4e5
- SHA256
  
  89bcfc3efe54e1026b753aba7e0de10f1f99c3e1b471f781793f18c55064c69a
- SHA512
  
  fd573a9ff81479934ea04fbaf944a1fbc58007926c2eb6da8a38954e6b7a94a56e60ce9d96148fbb02369b598554bf205a2cbd01b15bd4409dcc21822e78d3ef
- SSDEEP
  
  6144:SGNSWMnbJ25CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWD2/P:SOSlIFHRFbe73
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2