ba3e0486edfd6b2461e9d4b3e17ea99f4df520c2c37289589a0d57cb86f1a87a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cd548d2103f447507854f2e1d76fb180.exe
Size

122KB
Sample

231101-rnjvbahe88
MD5

cd548d2103f447507854f2e1d76fb180
SHA1

3c44ac8822c57b56899de9dfece4e5caa54676bc
SHA256

ba3e0486edfd6b2461e9d4b3e17ea99f4df520c2c37289589a0d57cb86f1a87a
SHA512

5c6efe4e2d578db7a076ed169bc322e1335530809fff66383d29112a1a49f7198853942a370a2b04217290616ab4737be8be7d9915f9bc8d2f618eb9a1527017
SSDEEP

3072:BiAyLN9aa+9U2rW1ipjp2R6JJrWNZxYvQd20:iLP+9U2rW1iqcJJrW7+0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.cd548d2103f447507854f2e1d76fb180.exe
- Size
  
  122KB
- MD5
  
  cd548d2103f447507854f2e1d76fb180
- SHA1
  
  3c44ac8822c57b56899de9dfece4e5caa54676bc
- SHA256
  
  ba3e0486edfd6b2461e9d4b3e17ea99f4df520c2c37289589a0d57cb86f1a87a
- SHA512
  
  5c6efe4e2d578db7a076ed169bc322e1335530809fff66383d29112a1a49f7198853942a370a2b04217290616ab4737be8be7d9915f9bc8d2f618eb9a1527017
- SSDEEP
  
  3072:BiAyLN9aa+9U2rW1ipjp2R6JJrWNZxYvQd20:iLP+9U2rW1iqcJJrW7+0
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2