ca820e0860142aa5dbcbe312f878bfab519bd4485eb167de53c27d95d92adf69 | Triage

Sharing

General

Target

NEAS.613af01adff3ea76f7fb19effec40f45.exe
Size

322KB
Sample

231106-xh8jdaeg47
MD5

613af01adff3ea76f7fb19effec40f45
SHA1

dec46ba00ee65638bf469a2fef036e8df6f1cd43
SHA256

ca820e0860142aa5dbcbe312f878bfab519bd4485eb167de53c27d95d92adf69
SHA512

e1f45ee13bfc656ea54317f06d94a59639a4e35ba8bcdab2e3fc86f74f771e4fe28880104f6be919adda760b90f89c8cd259081fc6be2b94185bc15c4a11fe27
SSDEEP

1536:QpNt83/0ZbzdJqIIyrUlLc9+Q0i/W96TOK2PCSRQyaTmDhdF+PhJFTq1dlCsTx4L:AP838ZHXtIyrIs0iewKheVSVGZ3Odl2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.613af01adff3ea76f7fb19effec40f45.exe
- Size
  
  322KB
- MD5
  
  613af01adff3ea76f7fb19effec40f45
- SHA1
  
  dec46ba00ee65638bf469a2fef036e8df6f1cd43
- SHA256
  
  ca820e0860142aa5dbcbe312f878bfab519bd4485eb167de53c27d95d92adf69
- SHA512
  
  e1f45ee13bfc656ea54317f06d94a59639a4e35ba8bcdab2e3fc86f74f771e4fe28880104f6be919adda760b90f89c8cd259081fc6be2b94185bc15c4a11fe27
- SSDEEP
  
  1536:QpNt83/0ZbzdJqIIyrUlLc9+Q0i/W96TOK2PCSRQyaTmDhdF+PhJFTq1dlCsTx4L:AP838ZHXtIyrIs0iewKheVSVGZ3Odl2
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2