6e8274c17fc319a530b10d2f74b2a8831e8d7f590e716c14cf7841052a7d74ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d19c401e6b93f4099731e75df28fa845.exe
Size

51KB
Sample

231114-ls9cwabc92
MD5

d19c401e6b93f4099731e75df28fa845
SHA1

bb9ff4aa83010f043cedcae69b208d4ad0525d11
SHA256

6e8274c17fc319a530b10d2f74b2a8831e8d7f590e716c14cf7841052a7d74ab
SHA512

c8af346c26998e6ad5175c1feefcfa65a7628f1f5bc00207e8a5163342882027e1207dc7b98299300acfa2c8ddb6764dcdc3157dba1856618c1823921a8ae093
SSDEEP

768:VXQBQ6CV87LFIryqrnlXDBJokvVXCG5aLItNqc7QqoXzz/1H5a:Vt69TqrnlDok1H5aLItNv7UXzB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d19c401e6b93f4099731e75df28fa845.exe
- Size
  
  51KB
- MD5
  
  d19c401e6b93f4099731e75df28fa845
- SHA1
  
  bb9ff4aa83010f043cedcae69b208d4ad0525d11
- SHA256
  
  6e8274c17fc319a530b10d2f74b2a8831e8d7f590e716c14cf7841052a7d74ab
- SHA512
  
  c8af346c26998e6ad5175c1feefcfa65a7628f1f5bc00207e8a5163342882027e1207dc7b98299300acfa2c8ddb6764dcdc3157dba1856618c1823921a8ae093
- SSDEEP
  
  768:VXQBQ6CV87LFIryqrnlXDBJokvVXCG5aLItNqc7QqoXzz/1H5a:Vt69TqrnlDok1H5aLItNv7UXzB
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2