a92c7af15b989b1077029d40dd299c8ab0c0547490c6d3143bcf7d02c3c269fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.440d663d8a714e0c39bd251b1aaede90.exe
Size

2.4MB
Sample

231115-gvpn2adc88
MD5

440d663d8a714e0c39bd251b1aaede90
SHA1

c4276c8c3a348f4030092018dbe49056c2d6b670
SHA256

a92c7af15b989b1077029d40dd299c8ab0c0547490c6d3143bcf7d02c3c269fc
SHA512

e5faefcf67a185f248a234ac543c175b2cb5dbdb74fa7f0d4be94bb674e6c108a23afa7eae752d6aa0b2122a9fab5c21b4f4af26af5e4b10b2b37823a7643075
SSDEEP

49152:rIROZIEG190vgWgigZ6W5LXP63KNUR9IETjALJr87gigHR8z:k8ZREWYJXy3Z

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.440d663d8a714e0c39bd251b1aaede90.exe
- Size
  
  2.4MB
- MD5
  
  440d663d8a714e0c39bd251b1aaede90
- SHA1
  
  c4276c8c3a348f4030092018dbe49056c2d6b670
- SHA256
  
  a92c7af15b989b1077029d40dd299c8ab0c0547490c6d3143bcf7d02c3c269fc
- SHA512
  
  e5faefcf67a185f248a234ac543c175b2cb5dbdb74fa7f0d4be94bb674e6c108a23afa7eae752d6aa0b2122a9fab5c21b4f4af26af5e4b10b2b37823a7643075
- SSDEEP
  
  49152:rIROZIEG190vgWgigZ6W5LXP63KNUR9IETjALJr87gigHR8z:k8ZREWYJXy3Z
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2