cab5496367729bdffef1a03d719630a33ac54820011bea076658fbe476947eea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8bc2ff43a04ca1717cd29dbd8e9eff40.exe
Size

850KB
Sample

231102-rbmqfach3t
MD5

8bc2ff43a04ca1717cd29dbd8e9eff40
SHA1

02ea52c6548db351abd42846ab38b5092e0091b1
SHA256

cab5496367729bdffef1a03d719630a33ac54820011bea076658fbe476947eea
SHA512

7274cff5813b9f71b2d8b05a28aa33f594c1d0c9883d82e8313e6fa10e3e974b923c7916a3e5b0a93fb64e0035f714068a7b1cd0419c8c6413ef22f95207caa8
SSDEEP

3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1c:Hha8iAx+1zwjJHd6vB/ANMBIXQk

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.8bc2ff43a04ca1717cd29dbd8e9eff40.exe
- Size
  
  850KB
- MD5
  
  8bc2ff43a04ca1717cd29dbd8e9eff40
- SHA1
  
  02ea52c6548db351abd42846ab38b5092e0091b1
- SHA256
  
  cab5496367729bdffef1a03d719630a33ac54820011bea076658fbe476947eea
- SHA512
  
  7274cff5813b9f71b2d8b05a28aa33f594c1d0c9883d82e8313e6fa10e3e974b923c7916a3e5b0a93fb64e0035f714068a7b1cd0419c8c6413ef22f95207caa8
- SSDEEP
  
  3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1c:Hha8iAx+1zwjJHd6vB/ANMBIXQk
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2