6c1cbe76ccfae065dbdb2aca94fe700cae288871427b7ad7a06bc5eb36801172 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fbc8b12df3071e448c5d0a9d3a600040.exe
Size

192KB
Sample

231101-rrbm4sbd45
MD5

fbc8b12df3071e448c5d0a9d3a600040
SHA1

e541516337799c686f146ee6b10dcc9228a3d18d
SHA256

6c1cbe76ccfae065dbdb2aca94fe700cae288871427b7ad7a06bc5eb36801172
SHA512

37df32be9b84045ca382c515cedb2c521e3eeb23d881e3269c5cd2fb19fe996b83569102a3957327d748e3f54a09ad4c1f430c6f83de908ac005e40dcefa2d63
SSDEEP

3072:e4aZrHWrUgnI8QarC78j6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBnf:6ZAnIIrC78j6MB8MhjwszeXmr8SeT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.fbc8b12df3071e448c5d0a9d3a600040.exe
- Size
  
  192KB
- MD5
  
  fbc8b12df3071e448c5d0a9d3a600040
- SHA1
  
  e541516337799c686f146ee6b10dcc9228a3d18d
- SHA256
  
  6c1cbe76ccfae065dbdb2aca94fe700cae288871427b7ad7a06bc5eb36801172
- SHA512
  
  37df32be9b84045ca382c515cedb2c521e3eeb23d881e3269c5cd2fb19fe996b83569102a3957327d748e3f54a09ad4c1f430c6f83de908ac005e40dcefa2d63
- SSDEEP
  
  3072:e4aZrHWrUgnI8QarC78j6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBnf:6ZAnIIrC78j6MB8MhjwszeXmr8SeT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2