8da68fb3b5dbcfa87876ca414ba26d47c9f63633c4f18efe9e0ee396facbe062 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bf3083b07343976b038bf42900dae680.exe
Size

986KB
Sample

231107-tsm4msdb99
MD5

bf3083b07343976b038bf42900dae680
SHA1

c2daef9293dcf35dfa0434883bc6d3c630f51940
SHA256

8da68fb3b5dbcfa87876ca414ba26d47c9f63633c4f18efe9e0ee396facbe062
SHA512

5d99c977f436420fdf8faa6103d25ac0b43892db4c1c8824b199030ba091c0b8400633e0cd82f98bf128a8cc65105dd488ffaea616b62f5b80d6b22079820d62
SSDEEP

3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzb5:Hha8iAx+1zwjmHd6vB/jO11zyT3rm7

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.bf3083b07343976b038bf42900dae680.exe
- Size
  
  986KB
- MD5
  
  bf3083b07343976b038bf42900dae680
- SHA1
  
  c2daef9293dcf35dfa0434883bc6d3c630f51940
- SHA256
  
  8da68fb3b5dbcfa87876ca414ba26d47c9f63633c4f18efe9e0ee396facbe062
- SHA512
  
  5d99c977f436420fdf8faa6103d25ac0b43892db4c1c8824b199030ba091c0b8400633e0cd82f98bf128a8cc65105dd488ffaea616b62f5b80d6b22079820d62
- SSDEEP
  
  3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzb5:Hha8iAx+1zwjmHd6vB/jO11zyT3rm7
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2