831d7ef0bc9be66b3575b7b9f1ef62263d46af04418c4dc13324d98d7cdc35a7 | Triage

Sharing

General

Target

NEAS.14c5b8eeb10b4b512e30b8c80a61b790.exe
Size

176KB
Sample

231115-a6bszshd79
MD5

14c5b8eeb10b4b512e30b8c80a61b790
SHA1

2e365eec08b18d05b6166151f6326428bc0b1511
SHA256

831d7ef0bc9be66b3575b7b9f1ef62263d46af04418c4dc13324d98d7cdc35a7
SHA512

b29807c5cc37a79b696da7d7cdc65475a0a3b24c447d1c64a135b02ee1ef490fb77e9e0b140d619c66d7592ef00b82a349633ab011f4c731de8f20f7e831a683
SSDEEP

3072:/WzSLqfSWRTarlOGA8d2E2fAYjmjRrz3E3:/WzS3OTRXE2fAEG4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.14c5b8eeb10b4b512e30b8c80a61b790.exe
- Size
  
  176KB
- MD5
  
  14c5b8eeb10b4b512e30b8c80a61b790
- SHA1
  
  2e365eec08b18d05b6166151f6326428bc0b1511
- SHA256
  
  831d7ef0bc9be66b3575b7b9f1ef62263d46af04418c4dc13324d98d7cdc35a7
- SHA512
  
  b29807c5cc37a79b696da7d7cdc65475a0a3b24c447d1c64a135b02ee1ef490fb77e9e0b140d619c66d7592ef00b82a349633ab011f4c731de8f20f7e831a683
- SSDEEP
  
  3072:/WzSLqfSWRTarlOGA8d2E2fAYjmjRrz3E3:/WzS3OTRXE2fAEG4
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2