43cd8779c177867c23f01e78a4a10f6652cc9c918027c5332c21beed258d6437 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a3bfd4c226a7b8ed3cd7017012d65450.exe
Size

80KB
Sample

231106-zd9xragc24
MD5

a3bfd4c226a7b8ed3cd7017012d65450
SHA1

9742fabd4b972bac96c956f6317d7ed62cc89b90
SHA256

43cd8779c177867c23f01e78a4a10f6652cc9c918027c5332c21beed258d6437
SHA512

ab8beae8e06d204d5fd30c9cabb56b32c73fd0a7f74a03178d5cb06d918beb3fc18ab10c884d89ef079682b3b75ee120f5e381a625c7b9eca89210c2d2bb2500
SSDEEP

1536:fSlGLeEzSukdJnTrfWDXjj9H2LOCYrum8SPG2:fSUL4vJ3WTj2OVT8SL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a3bfd4c226a7b8ed3cd7017012d65450.exe
- Size
  
  80KB
- MD5
  
  a3bfd4c226a7b8ed3cd7017012d65450
- SHA1
  
  9742fabd4b972bac96c956f6317d7ed62cc89b90
- SHA256
  
  43cd8779c177867c23f01e78a4a10f6652cc9c918027c5332c21beed258d6437
- SHA512
  
  ab8beae8e06d204d5fd30c9cabb56b32c73fd0a7f74a03178d5cb06d918beb3fc18ab10c884d89ef079682b3b75ee120f5e381a625c7b9eca89210c2d2bb2500
- SSDEEP
  
  1536:fSlGLeEzSukdJnTrfWDXjj9H2LOCYrum8SPG2:fSUL4vJ3WTj2OVT8SL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2