a80c59e5c3793b0e292554b4c780d25d8a2fb03fb57de0eb3ea63f6d379dff8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b26a0b4db5d8bf28ee286ffde879d610.exe
Size

59KB
Sample

231117-dtyc1afc4w
MD5

b26a0b4db5d8bf28ee286ffde879d610
SHA1

604dea5f23002ca63f5b950b3b7d8600847524b3
SHA256

a80c59e5c3793b0e292554b4c780d25d8a2fb03fb57de0eb3ea63f6d379dff8c
SHA512

50d5d7c12e47662cc402e65488dbc08d010126e364a427ff9ddedde9ffdb86a72a98bde31da300a214ae743147c1be5a7268d18b947206cf38ecfbe127404e52
SSDEEP

1536:fUiUaZ2n7tyfALBhzaSouullS5VXajKNCyVso:VUagJyfANdyYVYxeso

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b26a0b4db5d8bf28ee286ffde879d610.exe
- Size
  
  59KB
- MD5
  
  b26a0b4db5d8bf28ee286ffde879d610
- SHA1
  
  604dea5f23002ca63f5b950b3b7d8600847524b3
- SHA256
  
  a80c59e5c3793b0e292554b4c780d25d8a2fb03fb57de0eb3ea63f6d379dff8c
- SHA512
  
  50d5d7c12e47662cc402e65488dbc08d010126e364a427ff9ddedde9ffdb86a72a98bde31da300a214ae743147c1be5a7268d18b947206cf38ecfbe127404e52
- SSDEEP
  
  1536:fUiUaZ2n7tyfALBhzaSouullS5VXajKNCyVso:VUagJyfANdyYVYxeso
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2