1a8b21c02f1560505f2c34372f03351c9e9886c4725abe5c2cd2e29233b10eed | Triage

Sharing

General

Target

NEAS.17a7487400bd1254fdc9464bc4bf9000.exe
Size

1020KB
Sample

231115-hnd5dsdh44
MD5

17a7487400bd1254fdc9464bc4bf9000
SHA1

3f5114e6c8b86958c9fa7c3fafc0e9584af18431
SHA256

1a8b21c02f1560505f2c34372f03351c9e9886c4725abe5c2cd2e29233b10eed
SHA512

6b42946e71ab8764fec1e65aff8f3a71534b28fce63e729789889c3a252a9f301f2482600a5983a8e3c350f415de96756ea5f304b8ff08f33f6e0c5791239484
SSDEEP

24576:CFXPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZl:CFnbazR0vKLXL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.17a7487400bd1254fdc9464bc4bf9000.exe
- Size
  
  1020KB
- MD5
  
  17a7487400bd1254fdc9464bc4bf9000
- SHA1
  
  3f5114e6c8b86958c9fa7c3fafc0e9584af18431
- SHA256
  
  1a8b21c02f1560505f2c34372f03351c9e9886c4725abe5c2cd2e29233b10eed
- SHA512
  
  6b42946e71ab8764fec1e65aff8f3a71534b28fce63e729789889c3a252a9f301f2482600a5983a8e3c350f415de96756ea5f304b8ff08f33f6e0c5791239484
- SSDEEP
  
  24576:CFXPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZl:CFnbazR0vKLXL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2