525188fd08dc8b5ca342101eb99062cd3bbb738dc3bef078a391355b6b140eb7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b8eb172e34679891d7cb3604923496c0.exe
Size

1.9MB
Sample

231101-rmd8fafb3z
MD5

b8eb172e34679891d7cb3604923496c0
SHA1

e3015874ddc06960bcbc04e402bfa656f144ddf2
SHA256

525188fd08dc8b5ca342101eb99062cd3bbb738dc3bef078a391355b6b140eb7
SHA512

c9735088aabe07f606b9ac76356d8a26344bd88545502587ee1b7e0de38e7c40303cf49a35847c2de936eb869c358e0eeabf434173ada5c7f8333202ca2c21d1
SSDEEP

24576:7adNIVyeNIVy2j5aaRLVtnX6ojNIVyeNIVy2jpXNIVyeNIVy2j5aaRLVtnX6ojNL:jyjAi6yjgyjAi6yjx

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b8eb172e34679891d7cb3604923496c0.exe
- Size
  
  1.9MB
- MD5
  
  b8eb172e34679891d7cb3604923496c0
- SHA1
  
  e3015874ddc06960bcbc04e402bfa656f144ddf2
- SHA256
  
  525188fd08dc8b5ca342101eb99062cd3bbb738dc3bef078a391355b6b140eb7
- SHA512
  
  c9735088aabe07f606b9ac76356d8a26344bd88545502587ee1b7e0de38e7c40303cf49a35847c2de936eb869c358e0eeabf434173ada5c7f8333202ca2c21d1
- SSDEEP
  
  24576:7adNIVyeNIVy2j5aaRLVtnX6ojNIVyeNIVy2jpXNIVyeNIVy2j5aaRLVtnX6ojNL:jyjAi6yjgyjAi6yjx
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2