dcaf81f80f54cee0074e334363fb0d8d30f72b13e07a80c33327f569bfc7b26c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6ef18a49998f3a4542944a4396ba5a00.exe
Size

704KB
Sample

231107-x4822aga43
MD5

6ef18a49998f3a4542944a4396ba5a00
SHA1

219064b77bda6affa3b74c0e213b0a91bed7ad85
SHA256

dcaf81f80f54cee0074e334363fb0d8d30f72b13e07a80c33327f569bfc7b26c
SHA512

195a8f04bd2ef6e41dd4b1b2c72f3d2d09e6d242514206f4914e5cb15cdd40a0acb7b88b0ee0cc40429226c8539fbea89a551b679b4ae6633366d9b8320c087b
SSDEEP

3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzby:Hha8iAx+1zwjmHd6vB/jO11zbC

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.6ef18a49998f3a4542944a4396ba5a00.exe
- Size
  
  704KB
- MD5
  
  6ef18a49998f3a4542944a4396ba5a00
- SHA1
  
  219064b77bda6affa3b74c0e213b0a91bed7ad85
- SHA256
  
  dcaf81f80f54cee0074e334363fb0d8d30f72b13e07a80c33327f569bfc7b26c
- SHA512
  
  195a8f04bd2ef6e41dd4b1b2c72f3d2d09e6d242514206f4914e5cb15cdd40a0acb7b88b0ee0cc40429226c8539fbea89a551b679b4ae6633366d9b8320c087b
- SSDEEP
  
  3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzby:Hha8iAx+1zwjmHd6vB/jO11zbC
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2