f9cbf362631be00d7ad0b3a593e4af480c520fbc3740b99669c7da7242aa2a0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1ac41bded62c9dc0c017c8a7d98cfcb4.exe
Size

361KB
Sample

231114-laxalaah54
MD5

1ac41bded62c9dc0c017c8a7d98cfcb4
SHA1

fbd90dccc849d5f4a5fb3725a36ecfdce529313e
SHA256

f9cbf362631be00d7ad0b3a593e4af480c520fbc3740b99669c7da7242aa2a0c
SHA512

9bacf1f2f117ddcccc118c39fbf2792268e71118b6dc0f27fe7b2c8138382bbb49826f08cf14aa7ea2bbba258198477b201d47c168fc665e181d82ebfcd3836b
SSDEEP

6144:dTvcVgH6sVQ///NR5fLvQ///NREQ///NR5fLYG3eujPQ///NR5f:dTvcVcw/Nq/NZ/NcZ7/N

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.1ac41bded62c9dc0c017c8a7d98cfcb4.exe
- Size
  
  361KB
- MD5
  
  1ac41bded62c9dc0c017c8a7d98cfcb4
- SHA1
  
  fbd90dccc849d5f4a5fb3725a36ecfdce529313e
- SHA256
  
  f9cbf362631be00d7ad0b3a593e4af480c520fbc3740b99669c7da7242aa2a0c
- SHA512
  
  9bacf1f2f117ddcccc118c39fbf2792268e71118b6dc0f27fe7b2c8138382bbb49826f08cf14aa7ea2bbba258198477b201d47c168fc665e181d82ebfcd3836b
- SSDEEP
  
  6144:dTvcVgH6sVQ///NR5fLvQ///NREQ///NR5fLYG3eujPQ///NR5f:dTvcVcw/Nq/NZ/NcZ7/N
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2