0af557448fbdfa658dc55caa9a5e14d21fb9225f8056b3e5e4eb564af9665580 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0af85cd322c2620f18ddd29efbc35650.exe
Size

386KB
Sample

231101-fkgd8saf71
MD5

0af85cd322c2620f18ddd29efbc35650
SHA1

a4c87ef6c801433e1ae49d6d9bd4e61323843606
SHA256

0af557448fbdfa658dc55caa9a5e14d21fb9225f8056b3e5e4eb564af9665580
SHA512

b24df6d0a868b287ff4c15abb298c4acc47387d8463ea6dcdb037e8b99c5a7d3f0784668da9acf33af5e04e9fbfb5c2cbfa98de0cedd2238c6a794daadbd86c3
SSDEEP

6144:+YUE+nscBoepBHkaFnX1n6xJmPMO7+dTtyC7tkdBI:+YUznscBoepBHk6BKTtystkdBI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.0af85cd322c2620f18ddd29efbc35650.exe
- Size
  
  386KB
- MD5
  
  0af85cd322c2620f18ddd29efbc35650
- SHA1
  
  a4c87ef6c801433e1ae49d6d9bd4e61323843606
- SHA256
  
  0af557448fbdfa658dc55caa9a5e14d21fb9225f8056b3e5e4eb564af9665580
- SHA512
  
  b24df6d0a868b287ff4c15abb298c4acc47387d8463ea6dcdb037e8b99c5a7d3f0784668da9acf33af5e04e9fbfb5c2cbfa98de0cedd2238c6a794daadbd86c3
- SSDEEP
  
  6144:+YUE+nscBoepBHkaFnX1n6xJmPMO7+dTtyC7tkdBI:+YUznscBoepBHk6BKTtystkdBI
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2