15d0ae256fcf6c3ad11ca3686411d6e327f496ee704eced19e013b89e3693eae | Triage

Sharing

General

Target

NEAS.ec082f1b7998c4412051cc338affa110.exe
Size

194KB
Sample

231107-ymanksfa6x
MD5

ec082f1b7998c4412051cc338affa110
SHA1

299797e956d9a4cc80228f5ca4014c953f1add44
SHA256

15d0ae256fcf6c3ad11ca3686411d6e327f496ee704eced19e013b89e3693eae
SHA512

5adcec2793be511a7a06b9c4afb9aa44c388891fa8c4bb763564ac0e2b2172afc4541c9927c6a6ee99fea9de9a8711a3ebe048ff129443002c2622628cacfeda
SSDEEP

3072:nfNJBUbHctcvYxKW8yCuekgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ+uFli55p1:FJoHctAYxKwCF3rtMsQBvli

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.ec082f1b7998c4412051cc338affa110.exe
- Size
  
  194KB
- MD5
  
  ec082f1b7998c4412051cc338affa110
- SHA1
  
  299797e956d9a4cc80228f5ca4014c953f1add44
- SHA256
  
  15d0ae256fcf6c3ad11ca3686411d6e327f496ee704eced19e013b89e3693eae
- SHA512
  
  5adcec2793be511a7a06b9c4afb9aa44c388891fa8c4bb763564ac0e2b2172afc4541c9927c6a6ee99fea9de9a8711a3ebe048ff129443002c2622628cacfeda
- SSDEEP
  
  3072:nfNJBUbHctcvYxKW8yCuekgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ+uFli55p1:FJoHctAYxKwCF3rtMsQBvli
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2