d341cd722e5923f3232ba99ddcee5751c105d7e8c373e7a23da6e81e2268a55f | Triage

Sharing

General

Target

NEAS.b5d53f35e66ce6f735726eea3cf51940.exe
Size

275KB
Sample

231107-fr9pcsde26
MD5

b5d53f35e66ce6f735726eea3cf51940
SHA1

b1c4cdac833523c614ae7b986efd0692b8fa4cd1
SHA256

d341cd722e5923f3232ba99ddcee5751c105d7e8c373e7a23da6e81e2268a55f
SHA512

e6a729c86ce71f6d92a836a89a1e03e340db01569aa2365fdcc53a0433c0f6ede81113240be3e75d7053c869cf4730a726d606d38d4b44ade04929f7a0fd94a3
SSDEEP

6144:IXcShplc5/47+TzfYmWbRa3/hrMwcVKDmmWbRa3:IXc4mZrWlmMwcVKWl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b5d53f35e66ce6f735726eea3cf51940.exe
- Size
  
  275KB
- MD5
  
  b5d53f35e66ce6f735726eea3cf51940
- SHA1
  
  b1c4cdac833523c614ae7b986efd0692b8fa4cd1
- SHA256
  
  d341cd722e5923f3232ba99ddcee5751c105d7e8c373e7a23da6e81e2268a55f
- SHA512
  
  e6a729c86ce71f6d92a836a89a1e03e340db01569aa2365fdcc53a0433c0f6ede81113240be3e75d7053c869cf4730a726d606d38d4b44ade04929f7a0fd94a3
- SSDEEP
  
  6144:IXcShplc5/47+TzfYmWbRa3/hrMwcVKDmmWbRa3:IXc4mZrWlmMwcVKWl
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2