fe4d1366beda6b2c7df1d8c80730f9f579a13b8362dddc640af2ac3f02efc1d2 | Triage

Sharing

General

Target

NEAS.a4ebbf648b36244b839dbed8fbf8e506.exe
Size

273KB
Sample

231107-se3rhace72
MD5

a4ebbf648b36244b839dbed8fbf8e506
SHA1

8139a93fb5d38e57515e07643805ba6c6656d981
SHA256

fe4d1366beda6b2c7df1d8c80730f9f579a13b8362dddc640af2ac3f02efc1d2
SHA512

e217d6044a28343091b0c3e55f3a36d25d265c23a49d7418bd4cade4adba43a43546c6e548070131a3e1a7c7e97a78bb5e987468c4d7cba4133c6e20049e0f0a
SSDEEP

6144:HNNxRvbcibfvlsZRkTebwBhGv4dC+1R8pvBgL0eXkUbGKl9veOPSV3uo97fQ6uPL:Hvt

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a4ebbf648b36244b839dbed8fbf8e506.exe
- Size
  
  273KB
- MD5
  
  a4ebbf648b36244b839dbed8fbf8e506
- SHA1
  
  8139a93fb5d38e57515e07643805ba6c6656d981
- SHA256
  
  fe4d1366beda6b2c7df1d8c80730f9f579a13b8362dddc640af2ac3f02efc1d2
- SHA512
  
  e217d6044a28343091b0c3e55f3a36d25d265c23a49d7418bd4cade4adba43a43546c6e548070131a3e1a7c7e97a78bb5e987468c4d7cba4133c6e20049e0f0a
- SSDEEP
  
  6144:HNNxRvbcibfvlsZRkTebwBhGv4dC+1R8pvBgL0eXkUbGKl9veOPSV3uo97fQ6uPL:Hvt
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2