42b69ef5306462b2526e3f7ed13af75aeec96135b0c4b1b77fb0b7988de40959 | Triage

Sharing

General

Target

NEAS.2aa9e987f72fc89c1f75b7e46ec46650.exe
Size

117KB
Sample

231107-esa2rabc3y
MD5

2aa9e987f72fc89c1f75b7e46ec46650
SHA1

bc2884a6dee89b24a80ec071248c666a0230e71a
SHA256

42b69ef5306462b2526e3f7ed13af75aeec96135b0c4b1b77fb0b7988de40959
SHA512

e122d95e3377b6369335d8fc02ebdf298e8270068c276474ae83546435aae4af2406e1da6c6720df5718263ea68f46bef857e376be4fb851264744d1bd35eba3
SSDEEP

1536:BoIcQYuzyINzmoY3NebW4rPUaGdP5h3ABlxGFUpFFfUN1Avhw6JCM:vfNk3NSPxIP5hQhGFYFFfUrQlM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.2aa9e987f72fc89c1f75b7e46ec46650.exe
- Size
  
  117KB
- MD5
  
  2aa9e987f72fc89c1f75b7e46ec46650
- SHA1
  
  bc2884a6dee89b24a80ec071248c666a0230e71a
- SHA256
  
  42b69ef5306462b2526e3f7ed13af75aeec96135b0c4b1b77fb0b7988de40959
- SHA512
  
  e122d95e3377b6369335d8fc02ebdf298e8270068c276474ae83546435aae4af2406e1da6c6720df5718263ea68f46bef857e376be4fb851264744d1bd35eba3
- SSDEEP
  
  1536:BoIcQYuzyINzmoY3NebW4rPUaGdP5h3ABlxGFUpFFfUN1Avhw6JCM:vfNk3NSPxIP5hQhGFYFFfUrQlM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2