9ec993abcf8aa11f1afbe9bf2685c0f2d69af9350512ac28b6e3aeb05b99dfb4 | Triage

Sharing

General

Target

NEAS.4827a9fafb5466c7982da6fb59878f5e.exe
Size

75KB
Sample

231102-whdhkafd68
MD5

4827a9fafb5466c7982da6fb59878f5e
SHA1

b60b0cb62b0722f78b495c199a87487bf0c6a45a
SHA256

9ec993abcf8aa11f1afbe9bf2685c0f2d69af9350512ac28b6e3aeb05b99dfb4
SHA512

a39715cf1d66b65332d720f831a08ede60c589507683f3871e41fc823b1fc6d562ef655c6b6f04f768fbea95e4dcd2b1d0225f59a5e9fced74e35952c6f17a4a
SSDEEP

1536:nH180uBurlunhto6SmRYIT239OF7tEjueIn1cgCe8uvQGYQzlV:H20uBuy96KpSCnugCe8uvQa

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.4827a9fafb5466c7982da6fb59878f5e.exe
- Size
  
  75KB
- MD5
  
  4827a9fafb5466c7982da6fb59878f5e
- SHA1
  
  b60b0cb62b0722f78b495c199a87487bf0c6a45a
- SHA256
  
  9ec993abcf8aa11f1afbe9bf2685c0f2d69af9350512ac28b6e3aeb05b99dfb4
- SHA512
  
  a39715cf1d66b65332d720f831a08ede60c589507683f3871e41fc823b1fc6d562ef655c6b6f04f768fbea95e4dcd2b1d0225f59a5e9fced74e35952c6f17a4a
- SSDEEP
  
  1536:nH180uBurlunhto6SmRYIT239OF7tEjueIn1cgCe8uvQGYQzlV:H20uBuy96KpSCnugCe8uvQa
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2