2eeca1e642464df6e713eca589ee726bed6a413abb83861c294be0c48f0e62bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.839f82ea8cc9575f8ddbf241b8eb20b0.exe
Size

176KB
Sample

231112-z8afdaca7x
MD5

839f82ea8cc9575f8ddbf241b8eb20b0
SHA1

05a104a26276a7e37468292202c2f114501b4e92
SHA256

2eeca1e642464df6e713eca589ee726bed6a413abb83861c294be0c48f0e62bf
SHA512

871e616c1bd772b8f0e2f5fea0d6bfa517d1180467d5cf5a406d85fbd38c555dd5f3809a1f67711fecb980dc377f2c5faf37dca99ee4a052353c424a9bd0c82d
SSDEEP

3072:E0+JXjDcbd2NEarlOGA8d2E2fAYjmjRrz3E3:E0yPcbdKERXE2fAEG4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.839f82ea8cc9575f8ddbf241b8eb20b0.exe
- Size
  
  176KB
- MD5
  
  839f82ea8cc9575f8ddbf241b8eb20b0
- SHA1
  
  05a104a26276a7e37468292202c2f114501b4e92
- SHA256
  
  2eeca1e642464df6e713eca589ee726bed6a413abb83861c294be0c48f0e62bf
- SHA512
  
  871e616c1bd772b8f0e2f5fea0d6bfa517d1180467d5cf5a406d85fbd38c555dd5f3809a1f67711fecb980dc377f2c5faf37dca99ee4a052353c424a9bd0c82d
- SSDEEP
  
  3072:E0+JXjDcbd2NEarlOGA8d2E2fAYjmjRrz3E3:E0yPcbdKERXE2fAEG4
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2