79e7789d07ab0ff02ae9ac0e7150bc632c00a6b4dfdcfd1d6ed48960c2dc0378 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b831d32d7eb2a469fcca4cf7c8677f8a.exe
Size

95KB
Sample

231114-ket6cshf91
MD5

b831d32d7eb2a469fcca4cf7c8677f8a
SHA1

7f76fec8807e82e686c4a2a84d4a143e70bee2da
SHA256

79e7789d07ab0ff02ae9ac0e7150bc632c00a6b4dfdcfd1d6ed48960c2dc0378
SHA512

7005eb5662590f7c5706cc518021613bf3a9a4baf1a8a75c2339b786422396db8be904a5527666b86994a08fb497244efed61e715fa6c8f345a502b040044794
SSDEEP

1536:HFJlJ8gB8jTgh/+RZj5Ex5Vm0O758UFTMiuCRQrYtRVRoRch1dROrwpOudRirVtB:5J8cs4mr5Ex5Vm0AlFQiZeKTWM1dQrTH

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b831d32d7eb2a469fcca4cf7c8677f8a.exe
- Size
  
  95KB
- MD5
  
  b831d32d7eb2a469fcca4cf7c8677f8a
- SHA1
  
  7f76fec8807e82e686c4a2a84d4a143e70bee2da
- SHA256
  
  79e7789d07ab0ff02ae9ac0e7150bc632c00a6b4dfdcfd1d6ed48960c2dc0378
- SHA512
  
  7005eb5662590f7c5706cc518021613bf3a9a4baf1a8a75c2339b786422396db8be904a5527666b86994a08fb497244efed61e715fa6c8f345a502b040044794
- SSDEEP
  
  1536:HFJlJ8gB8jTgh/+RZj5Ex5Vm0O758UFTMiuCRQrYtRVRoRch1dROrwpOudRirVtB:5J8cs4mr5Ex5Vm0AlFQiZeKTWM1dQrTH
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2