7b3e4ea690a06c18ed515cf1468f889fd291bec0f432eedb7e69c3389e0e5e6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.800a98e2232330956c4ad0492cfdc89a.exe
Size

464KB
Sample

231112-vz8vcsaa86
MD5

800a98e2232330956c4ad0492cfdc89a
SHA1

7b9dd1c8695cf2be2f5e06d63e4c2f2d54f54478
SHA256

7b3e4ea690a06c18ed515cf1468f889fd291bec0f432eedb7e69c3389e0e5e6c
SHA512

fe5a46da4ee10232ecbeb76af6d5afa3189ad65071017acbb9d3e9b2b815a67442c1550fc79ecedc88e68ab355b682474afca77eff4d582f099649711d62a57f
SSDEEP

12288:pOlc87eqqV5e+wBV6O+A8o9pPyU9805ID2/vCf:pOSqqHeVBx19pVphSf

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.800a98e2232330956c4ad0492cfdc89a.exe
- Size
  
  464KB
- MD5
  
  800a98e2232330956c4ad0492cfdc89a
- SHA1
  
  7b9dd1c8695cf2be2f5e06d63e4c2f2d54f54478
- SHA256
  
  7b3e4ea690a06c18ed515cf1468f889fd291bec0f432eedb7e69c3389e0e5e6c
- SHA512
  
  fe5a46da4ee10232ecbeb76af6d5afa3189ad65071017acbb9d3e9b2b815a67442c1550fc79ecedc88e68ab355b682474afca77eff4d582f099649711d62a57f
- SSDEEP
  
  12288:pOlc87eqqV5e+wBV6O+A8o9pPyU9805ID2/vCf:pOSqqHeVBx19pVphSf
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2