903071a9304647ee06319d047220cf0d5032176ca6724818e185c7df81f75a72 | Triage

Sharing

General

Target

NEAS.bbd87f7e1e62b69d2201431e2abfa2a0.exe
Size

391KB
Sample

231107-zmxzjsgb8t
MD5

bbd87f7e1e62b69d2201431e2abfa2a0
SHA1

8d8ff94ef924a5dea0afa3d4bf60a52863bfdf4a
SHA256

903071a9304647ee06319d047220cf0d5032176ca6724818e185c7df81f75a72
SHA512

5dbceb7da32750397b2dd21b0b8d73c1f9f4a86d469177228ac5638df599b5d70920a69533cf257b7bcc4ccee469eb990c75a2d87ab3dd5c8131fb52e5f9d0e6
SSDEEP

6144:GpcTE5QsDzaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL:G95QsrmNtuhUNP3cOK3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.bbd87f7e1e62b69d2201431e2abfa2a0.exe
- Size
  
  391KB
- MD5
  
  bbd87f7e1e62b69d2201431e2abfa2a0
- SHA1
  
  8d8ff94ef924a5dea0afa3d4bf60a52863bfdf4a
- SHA256
  
  903071a9304647ee06319d047220cf0d5032176ca6724818e185c7df81f75a72
- SHA512
  
  5dbceb7da32750397b2dd21b0b8d73c1f9f4a86d469177228ac5638df599b5d70920a69533cf257b7bcc4ccee469eb990c75a2d87ab3dd5c8131fb52e5f9d0e6
- SSDEEP
  
  6144:GpcTE5QsDzaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL:G95QsrmNtuhUNP3cOK3
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2