02dc7e0db69d8689c94bbdc49b4f8d3cde29dabf049b6e4a593aa79547a4a780 | Triage

Sharing

General

Target

NEAS.ed9a8d8dbefe3de46729f971b68a4e36.exe
Size

285KB
Sample

231102-wfwlcsdd8s
MD5

ed9a8d8dbefe3de46729f971b68a4e36
SHA1

0060d8fd03e3481dce10f807e0d45a36fed9285a
SHA256

02dc7e0db69d8689c94bbdc49b4f8d3cde29dabf049b6e4a593aa79547a4a780
SHA512

17043d4a50e935a987bc88817bbf7a630ce1c92396111b73c29954da660143f5d0739082fb8a4b669881b1f47b3bccc07771bf651b748967474b90649a722b6c
SSDEEP

3072:azQk80dtD/7f+a70ie5KVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:P50d5DfFa5KQIoi7tWa

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.ed9a8d8dbefe3de46729f971b68a4e36.exe
- Size
  
  285KB
- MD5
  
  ed9a8d8dbefe3de46729f971b68a4e36
- SHA1
  
  0060d8fd03e3481dce10f807e0d45a36fed9285a
- SHA256
  
  02dc7e0db69d8689c94bbdc49b4f8d3cde29dabf049b6e4a593aa79547a4a780
- SHA512
  
  17043d4a50e935a987bc88817bbf7a630ce1c92396111b73c29954da660143f5d0739082fb8a4b669881b1f47b3bccc07771bf651b748967474b90649a722b6c
- SSDEEP
  
  3072:azQk80dtD/7f+a70ie5KVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:P50d5DfFa5KQIoi7tWa
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2