67958a42829d54f59690ae210b90ae7f9e3460531fb52fff9a24146a5f163812 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.aa331f9d7894ba0e5129414e69127480.exe
Size

386KB
Sample

231102-vaz6xscc25
MD5

aa331f9d7894ba0e5129414e69127480
SHA1

04a0c66383e0e45146710e21e06519d909bf4374
SHA256

67958a42829d54f59690ae210b90ae7f9e3460531fb52fff9a24146a5f163812
SHA512

c8ceafb3da55c50a772f6f31cc4157d2da0fb366ac3260e4fafe2b538058030c64f425662d39c36375f3a6111ddfc620fc56930b5c1ea2e9d1439bf80e0027ab
SSDEEP

6144:tGn05lLeh8R1n6xJmPMO7+dTtyC7tkdBI:t7KhuKTtystkdBI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.aa331f9d7894ba0e5129414e69127480.exe
- Size
  
  386KB
- MD5
  
  aa331f9d7894ba0e5129414e69127480
- SHA1
  
  04a0c66383e0e45146710e21e06519d909bf4374
- SHA256
  
  67958a42829d54f59690ae210b90ae7f9e3460531fb52fff9a24146a5f163812
- SHA512
  
  c8ceafb3da55c50a772f6f31cc4157d2da0fb366ac3260e4fafe2b538058030c64f425662d39c36375f3a6111ddfc620fc56930b5c1ea2e9d1439bf80e0027ab
- SSDEEP
  
  6144:tGn05lLeh8R1n6xJmPMO7+dTtyC7tkdBI:t7KhuKTtystkdBI
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2