36e6b368ec9267d9a50220f1fc91d3c03c6020794ddfe151e054019da4d2ffe8 | Triage

Sharing

General

Target

NEAS.cf1c5e3c668c8ba834e21ecc6f163220.exe
Size

1.5MB
Sample

231103-tlfqzsgf73
MD5

cf1c5e3c668c8ba834e21ecc6f163220
SHA1

b4c8648c76bb342c26cc82d98ddb8d3bba579bed
SHA256

36e6b368ec9267d9a50220f1fc91d3c03c6020794ddfe151e054019da4d2ffe8
SHA512

71f6b000dfecc475916765915e2d49af9b77679178669004298f6bd1141d9fbe21138423e09ddb0d2a62ef76c54995588b85523243afd733353171545b5cd9da
SSDEEP

12288:4ZPbWGRdA6sQxuEuZH8WF50+OJ3BHCXwpnsKvNA+XTvZHWuEo3oWB+:4xzecI50+YNpsKv2EvZHp3oWB+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.cf1c5e3c668c8ba834e21ecc6f163220.exe
- Size
  
  1.5MB
- MD5
  
  cf1c5e3c668c8ba834e21ecc6f163220
- SHA1
  
  b4c8648c76bb342c26cc82d98ddb8d3bba579bed
- SHA256
  
  36e6b368ec9267d9a50220f1fc91d3c03c6020794ddfe151e054019da4d2ffe8
- SHA512
  
  71f6b000dfecc475916765915e2d49af9b77679178669004298f6bd1141d9fbe21138423e09ddb0d2a62ef76c54995588b85523243afd733353171545b5cd9da
- SSDEEP
  
  12288:4ZPbWGRdA6sQxuEuZH8WF50+OJ3BHCXwpnsKvNA+XTvZHWuEo3oWB+:4xzecI50+YNpsKv2EvZHp3oWB+
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2