194a5c5ed910319874751008cca7e992d1a783e1a2a91425946b70d21f7e9376 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7253e279d1d59e671b34d6c2143e4250.exe
Size

848KB
Sample

231101-kcn7bsfb72
MD5

7253e279d1d59e671b34d6c2143e4250
SHA1

3994f517e1f0625a85a391cc3e646385e00902d4
SHA256

194a5c5ed910319874751008cca7e992d1a783e1a2a91425946b70d21f7e9376
SHA512

0ca5ffacfc0fa77a975c15b70ca8371fa90214ae78c3b187268ce8e56d20a251877ad413bd576c147f09bb582141a63cb586cd9fb9e63c43d23fab0ffb4c6897
SSDEEP

6144:Vy08xy5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWD25CPXbo92ynnZlVrtv35CPQ:VnFHRFbe1FH7ytgFHRFbe1FHu

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.7253e279d1d59e671b34d6c2143e4250.exe
- Size
  
  848KB
- MD5
  
  7253e279d1d59e671b34d6c2143e4250
- SHA1
  
  3994f517e1f0625a85a391cc3e646385e00902d4
- SHA256
  
  194a5c5ed910319874751008cca7e992d1a783e1a2a91425946b70d21f7e9376
- SHA512
  
  0ca5ffacfc0fa77a975c15b70ca8371fa90214ae78c3b187268ce8e56d20a251877ad413bd576c147f09bb582141a63cb586cd9fb9e63c43d23fab0ffb4c6897
- SSDEEP
  
  6144:Vy08xy5CPXbo92ynnZlVrtv35CPXbo92ynn8sbeWD25CPXbo92ynnZlVrtv35CPQ:VnFHRFbe1FH7ytgFHRFbe1FHu
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2