251d0f1b7ba485c1fad10343221190ea7c36b5b8a6ecda15c8da778e6b98161e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e163155cd029f0ba7caf759e54a3d160.exe
Size

385KB
Sample

231112-3wkblaee64
MD5

e163155cd029f0ba7caf759e54a3d160
SHA1

f3c6526ca1aa0e9bbf3adc21dfe74ee5032750d4
SHA256

251d0f1b7ba485c1fad10343221190ea7c36b5b8a6ecda15c8da778e6b98161e
SHA512

8a8a091e42f4fe1c448ff792e23684938b6a0356a810961a674e9d2d598fbd4eaafb5d69a9cdfa78e3e7dd9f3acd3f1d8fd64a2a467605040c8face2d8c79699
SSDEEP

6144:ohCnmPsWldm/L8sFj5tT3sFKseuc8sNJEp1JQ5sFj5tT3sFK6:oofWldSgs15tLsDeuc8mJEp1cs15tLs9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e163155cd029f0ba7caf759e54a3d160.exe
- Size
  
  385KB
- MD5
  
  e163155cd029f0ba7caf759e54a3d160
- SHA1
  
  f3c6526ca1aa0e9bbf3adc21dfe74ee5032750d4
- SHA256
  
  251d0f1b7ba485c1fad10343221190ea7c36b5b8a6ecda15c8da778e6b98161e
- SHA512
  
  8a8a091e42f4fe1c448ff792e23684938b6a0356a810961a674e9d2d598fbd4eaafb5d69a9cdfa78e3e7dd9f3acd3f1d8fd64a2a467605040c8face2d8c79699
- SSDEEP
  
  6144:ohCnmPsWldm/L8sFj5tT3sFKseuc8sNJEp1JQ5sFj5tT3sFK6:oofWldSgs15tLsDeuc8mJEp1cs15tLs9
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2