2c2647b5ffa56a03db15f160f6978e3e90c8ea3c1e984212d3acbb49c901126d | Triage

Sharing

General

Target

NEAS.4cb858df3db2e646886aa34021bf1130.exe
Size

440KB
Sample

231107-ylwjnafa41
MD5

4cb858df3db2e646886aa34021bf1130
SHA1

9c1bb286b6d9121ae3abb3e1648858a67e08f8c4
SHA256

2c2647b5ffa56a03db15f160f6978e3e90c8ea3c1e984212d3acbb49c901126d
SHA512

61cb3c3d2d2e4dd5c28f82b7b70b617f169b6694da039c84b29fd8d87704e8adea785072e86d8497dd8ff56b41ec103673c7f4fed48fb4084c29ec4f5cc306fd
SSDEEP

6144:GJKvl6ZV4U/vlf0DrBqvl8ZV4U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV4U/vlf:Gkvu6IveDVqvQ6IvYvc6IveDVqvQ6Iv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.4cb858df3db2e646886aa34021bf1130.exe
- Size
  
  440KB
- MD5
  
  4cb858df3db2e646886aa34021bf1130
- SHA1
  
  9c1bb286b6d9121ae3abb3e1648858a67e08f8c4
- SHA256
  
  2c2647b5ffa56a03db15f160f6978e3e90c8ea3c1e984212d3acbb49c901126d
- SHA512
  
  61cb3c3d2d2e4dd5c28f82b7b70b617f169b6694da039c84b29fd8d87704e8adea785072e86d8497dd8ff56b41ec103673c7f4fed48fb4084c29ec4f5cc306fd
- SSDEEP
  
  6144:GJKvl6ZV4U/vlf0DrBqvl8ZV4U/vlfl+9DvlEZV4U/vlf0DrBqvl8ZV4U/vlf:Gkvu6IveDVqvQ6IvYvc6IveDVqvQ6Iv
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2