a9bcd410f57a98f91a5bdf29de13130b08c8fe7c6826c9345c36098d9266a88d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e17fba0356ce96d87f3a5872fb8c4400.exe
Size

782KB
Sample

231112-pzkjwaga92
MD5

e17fba0356ce96d87f3a5872fb8c4400
SHA1

92eb5895a1b9b69a2d1499aa4db073d0ae5213b7
SHA256

a9bcd410f57a98f91a5bdf29de13130b08c8fe7c6826c9345c36098d9266a88d
SHA512

cd5a6aa65509fd910087b52c3fa8590cfc001609787ceaed62a687b14f9af425f4e3fb760a0a27ad0e9f355cb8fcf6798d6baac94050777afcdf72de0bbde0a3
SSDEEP

12288:NEjYAUr/+zrWAI5KFum/+zrWAIAqWim/mFYhAeI/+zrWAI5KFum/+zrWAIAqWimQ:QFCm0BmmvFim09eIm0BmmvFimQ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e17fba0356ce96d87f3a5872fb8c4400.exe
- Size
  
  782KB
- MD5
  
  e17fba0356ce96d87f3a5872fb8c4400
- SHA1
  
  92eb5895a1b9b69a2d1499aa4db073d0ae5213b7
- SHA256
  
  a9bcd410f57a98f91a5bdf29de13130b08c8fe7c6826c9345c36098d9266a88d
- SHA512
  
  cd5a6aa65509fd910087b52c3fa8590cfc001609787ceaed62a687b14f9af425f4e3fb760a0a27ad0e9f355cb8fcf6798d6baac94050777afcdf72de0bbde0a3
- SSDEEP
  
  12288:NEjYAUr/+zrWAI5KFum/+zrWAIAqWim/mFYhAeI/+zrWAI5KFum/+zrWAIAqWimQ:QFCm0BmmvFim09eIm0BmmvFimQ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2