514a68fd7af4e86b1607ad5c01b2dae95c1358123a1f21109861b91654fec1b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1851e9361f34d47c6ba140ed3da9c6b0.exe
Size

450KB
Sample

231112-p7naqsgd97
MD5

1851e9361f34d47c6ba140ed3da9c6b0
SHA1

48ee1fd97a235fc106f6fdfc13b9f7f1efc74835
SHA256

514a68fd7af4e86b1607ad5c01b2dae95c1358123a1f21109861b91654fec1b2
SHA512

6c214b23170f5632a19e61570064f4f86b1d5e3b760dbc74674aa8bd5f276231a78b3e3f0f5f8374a56273805a28c70e21b32e469ef8318251e406d3a500ff75
SSDEEP

12288:+tKe6Zv23YnFhl4/0xp/9CWUvFf6NdJvsNh4:s6Zv2EhlffGlC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.1851e9361f34d47c6ba140ed3da9c6b0.exe
- Size
  
  450KB
- MD5
  
  1851e9361f34d47c6ba140ed3da9c6b0
- SHA1
  
  48ee1fd97a235fc106f6fdfc13b9f7f1efc74835
- SHA256
  
  514a68fd7af4e86b1607ad5c01b2dae95c1358123a1f21109861b91654fec1b2
- SHA512
  
  6c214b23170f5632a19e61570064f4f86b1d5e3b760dbc74674aa8bd5f276231a78b3e3f0f5f8374a56273805a28c70e21b32e469ef8318251e406d3a500ff75
- SSDEEP
  
  12288:+tKe6Zv23YnFhl4/0xp/9CWUvFf6NdJvsNh4:s6Zv2EhlffGlC
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2