127b7944f936a0695180e22afec0c23533ceb572143dc33a3f8f072eff6583ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d11ad296236192e3757341e314b8a835.exe
Size

599KB
Sample

231107-rvd8eahe81
MD5

d11ad296236192e3757341e314b8a835
SHA1

9add5ec1cb259b6ad424733de271bbb228e90368
SHA256

127b7944f936a0695180e22afec0c23533ceb572143dc33a3f8f072eff6583ea
SHA512

156196003f2876f558fe074322f43d7004405888eca0589c415e190829fb88fc67fd0a3f3039f2c66fe72ab1527dfd866303f7bcb2dee4a3fdd0d2c01c7a04ab
SSDEEP

3072:H+ZvkWp8qX96QfCDpMqrT4GmdVM3bXKCKk3T1a/PTYhA7Jf22QA6Ivv1tH/nSrNF:eZmqt6Qyiy3b6CR10TY8JOArF9S9

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d11ad296236192e3757341e314b8a835.exe
- Size
  
  599KB
- MD5
  
  d11ad296236192e3757341e314b8a835
- SHA1
  
  9add5ec1cb259b6ad424733de271bbb228e90368
- SHA256
  
  127b7944f936a0695180e22afec0c23533ceb572143dc33a3f8f072eff6583ea
- SHA512
  
  156196003f2876f558fe074322f43d7004405888eca0589c415e190829fb88fc67fd0a3f3039f2c66fe72ab1527dfd866303f7bcb2dee4a3fdd0d2c01c7a04ab
- SSDEEP
  
  3072:H+ZvkWp8qX96QfCDpMqrT4GmdVM3bXKCKk3T1a/PTYhA7Jf22QA6Ivv1tH/nSrNF:eZmqt6Qyiy3b6CR10TY8JOArF9S9
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2