31a44ad3f328a5c26af64b8cd0b8c22e86a4a16e140f8a37aa4141c4a597abfa | Triage

Sharing

General

Target

NEAS.0e71f9f4aadb8d006988ec17ccb0f640.exe
Size

880KB
Sample

231107-bjr25aah67
MD5

0e71f9f4aadb8d006988ec17ccb0f640
SHA1

33ff455dda0fab4b18d941e08f63e7ea6e1c0f2b
SHA256

31a44ad3f328a5c26af64b8cd0b8c22e86a4a16e140f8a37aa4141c4a597abfa
SHA512

c13a6a1cb043379e348bfbe5125dd60c07f6456a75d49cde73e2b2e52caab09051891e2c4dbdac2ddaa6b4990630a34a45cc0ab5d7d543faf5a130b834c8a5b1
SSDEEP

12288:XH1vEBW5pvmexavWBW5pvzcvTBW5pvmexavWBW5pvO7E2hdvMBW5pvmexavWBW5g:XSBixNBJBixNBV7EgSBixNBJBixNB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.0e71f9f4aadb8d006988ec17ccb0f640.exe
- Size
  
  880KB
- MD5
  
  0e71f9f4aadb8d006988ec17ccb0f640
- SHA1
  
  33ff455dda0fab4b18d941e08f63e7ea6e1c0f2b
- SHA256
  
  31a44ad3f328a5c26af64b8cd0b8c22e86a4a16e140f8a37aa4141c4a597abfa
- SHA512
  
  c13a6a1cb043379e348bfbe5125dd60c07f6456a75d49cde73e2b2e52caab09051891e2c4dbdac2ddaa6b4990630a34a45cc0ab5d7d543faf5a130b834c8a5b1
- SSDEEP
  
  12288:XH1vEBW5pvmexavWBW5pvzcvTBW5pvmexavWBW5pvO7E2hdvMBW5pvmexavWBW5g:XSBixNBJBixNBV7EgSBixNBJBixNB
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2