6374c3294ac2e5805210fd174cbb72313e47e46e5072abbfa2ee9ac19cc4b796 | Triage

Sharing

General

Target

NEAS.a31602c995b0c8af626b6d0be30b3570.exe
Size

144KB
Sample

231115-agv6bsha23
MD5

a31602c995b0c8af626b6d0be30b3570
SHA1

91df5686d76105c23cc6bebfcce570f5c0de038d
SHA256

6374c3294ac2e5805210fd174cbb72313e47e46e5072abbfa2ee9ac19cc4b796
SHA512

c6c3dbde5078da4dc60538929926e9bc418136c80e99d24b8d716e1559a0358e75d957add9ef82f9c99f09bf9cbee60a57e319af505786a45a69416d84c104e5
SSDEEP

3072:/MvVMR3FZ7Exs7HzQ2rO+ZbvozdH13+EE+RaZ6r+GDZnBcVU:aVMR1Z7cYHM4rbvozd5IF6rfBBcVU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a31602c995b0c8af626b6d0be30b3570.exe
- Size
  
  144KB
- MD5
  
  a31602c995b0c8af626b6d0be30b3570
- SHA1
  
  91df5686d76105c23cc6bebfcce570f5c0de038d
- SHA256
  
  6374c3294ac2e5805210fd174cbb72313e47e46e5072abbfa2ee9ac19cc4b796
- SHA512
  
  c6c3dbde5078da4dc60538929926e9bc418136c80e99d24b8d716e1559a0358e75d957add9ef82f9c99f09bf9cbee60a57e319af505786a45a69416d84c104e5
- SSDEEP
  
  3072:/MvVMR3FZ7Exs7HzQ2rO+ZbvozdH13+EE+RaZ6r+GDZnBcVU:aVMR1Z7cYHM4rbvozd5IF6rfBBcVU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2