f0f3f3d2e7afcd32f29ad2ec7815fa61df93f69233d1f156331807e577e28d6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f75184dc4ea68149edc53dee429f9280.exe
Size

272KB
Sample

231116-npxwsabc54
MD5

f75184dc4ea68149edc53dee429f9280
SHA1

d27df1d36fe94faa2eb63f43b90b30fe0d82b372
SHA256

f0f3f3d2e7afcd32f29ad2ec7815fa61df93f69233d1f156331807e577e28d6a
SHA512

7d745ea1d22d506f9b9582cc51ad311504bf0c0c4f10eea40051798501bb03d6e620216a394a4e2b6e5632c6159c4e28e83c94f253b108c0c84245eb753f923d
SSDEEP

6144:HgllZukD6xjC6ZgsOK4AHXwpnxGvN98gZ+/+:Hgnex+6ZxyhY97n

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.f75184dc4ea68149edc53dee429f9280.exe
- Size
  
  272KB
- MD5
  
  f75184dc4ea68149edc53dee429f9280
- SHA1
  
  d27df1d36fe94faa2eb63f43b90b30fe0d82b372
- SHA256
  
  f0f3f3d2e7afcd32f29ad2ec7815fa61df93f69233d1f156331807e577e28d6a
- SHA512
  
  7d745ea1d22d506f9b9582cc51ad311504bf0c0c4f10eea40051798501bb03d6e620216a394a4e2b6e5632c6159c4e28e83c94f253b108c0c84245eb753f923d
- SSDEEP
  
  6144:HgllZukD6xjC6ZgsOK4AHXwpnxGvN98gZ+/+:Hgnex+6ZxyhY97n
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2