e8052b24f7df7ffb063f39fd1cbef11e2aca963988dedfc25b439d3687f11a78 | Triage

Sharing

General

Target

NEAS.d8b90fd0c91340d38384765f31edf6f0.exe
Size

348KB
Sample

231117-ev1eeseg92
MD5

d8b90fd0c91340d38384765f31edf6f0
SHA1

aebf2a7126954c4422749f579dd98247c80d2e2f
SHA256

e8052b24f7df7ffb063f39fd1cbef11e2aca963988dedfc25b439d3687f11a78
SHA512

45850e780c6dc3de54081bb798cf901fafd4a0d5621ffeb1536cedd4259bc7cfd90b37bc8f540da7cdfb5e12a90133eb954a717dee1c7c879ab2b78e9705ffd3
SSDEEP

6144:gjW86LfUlAxxANuduX4dbbLfUlAxxANuvlrJEcfR0000Y8LfUlAxxANuduXX:gydUlBaTUlBclrbUlBN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d8b90fd0c91340d38384765f31edf6f0.exe
- Size
  
  348KB
- MD5
  
  d8b90fd0c91340d38384765f31edf6f0
- SHA1
  
  aebf2a7126954c4422749f579dd98247c80d2e2f
- SHA256
  
  e8052b24f7df7ffb063f39fd1cbef11e2aca963988dedfc25b439d3687f11a78
- SHA512
  
  45850e780c6dc3de54081bb798cf901fafd4a0d5621ffeb1536cedd4259bc7cfd90b37bc8f540da7cdfb5e12a90133eb954a717dee1c7c879ab2b78e9705ffd3
- SSDEEP
  
  6144:gjW86LfUlAxxANuduX4dbbLfUlAxxANuvlrJEcfR0000Y8LfUlAxxANuduXX:gydUlBaTUlBclrbUlBN
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2