59747a66047a418b3b0ef087517b6d574d7fb0a7ea7646467cbdb4fc317f0c1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6fa3dbb6a5b163f554913b4c41e70010.exe
Size

84KB
Sample

231113-dzpytagd7z
MD5

6fa3dbb6a5b163f554913b4c41e70010
SHA1

e62ba1f9a1051f873bc0df4ff6e30fde7c9af4d3
SHA256

59747a66047a418b3b0ef087517b6d574d7fb0a7ea7646467cbdb4fc317f0c1b
SHA512

e8407920f6a3bc2d39af61c4800f14b785017461d7b8baec4e7a1adab4b017721be0e850dfeff1c20202b5519a59f8f5496761706a1622f3717d0fb6db711066
SSDEEP

1536:dazWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYP78Rxf:LFNpo6rIKlUE8fbkqRfbaQlaYYPq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.6fa3dbb6a5b163f554913b4c41e70010.exe
- Size
  
  84KB
- MD5
  
  6fa3dbb6a5b163f554913b4c41e70010
- SHA1
  
  e62ba1f9a1051f873bc0df4ff6e30fde7c9af4d3
- SHA256
  
  59747a66047a418b3b0ef087517b6d574d7fb0a7ea7646467cbdb4fc317f0c1b
- SHA512
  
  e8407920f6a3bc2d39af61c4800f14b785017461d7b8baec4e7a1adab4b017721be0e850dfeff1c20202b5519a59f8f5496761706a1622f3717d0fb6db711066
- SSDEEP
  
  1536:dazWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYP78Rxf:LFNpo6rIKlUE8fbkqRfbaQlaYYPq
Score

8^/10

persistence
- Downloads MZ/PE file
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2