b61dbb0e7b18d8f7253161cfb6bfbcb7a5b5601d087c986a5e8eea4fc71d8c87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d69f04d58aa2c8d1ad476e4090f20c00.exe
Size

165KB
Sample

231117-fcbh1sfb36
MD5

d69f04d58aa2c8d1ad476e4090f20c00
SHA1

46b07c1001cafda459731cbf3f4172d5ff9958af
SHA256

b61dbb0e7b18d8f7253161cfb6bfbcb7a5b5601d087c986a5e8eea4fc71d8c87
SHA512

6a9077ec22520d338cf56ba2ce474cad0754307e00842dafbce87cc630e54b67a95d011b1daddf666c5c0f109b99bd17ceaed2601f77ef785961eba2c7fbeeae
SSDEEP

3072:HhKv6s9HuueT3vQfEdArGzHq+egM5bylnO/hZP:BKvX9HuuebQMdArGzHregqgnO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d69f04d58aa2c8d1ad476e4090f20c00.exe
- Size
  
  165KB
- MD5
  
  d69f04d58aa2c8d1ad476e4090f20c00
- SHA1
  
  46b07c1001cafda459731cbf3f4172d5ff9958af
- SHA256
  
  b61dbb0e7b18d8f7253161cfb6bfbcb7a5b5601d087c986a5e8eea4fc71d8c87
- SHA512
  
  6a9077ec22520d338cf56ba2ce474cad0754307e00842dafbce87cc630e54b67a95d011b1daddf666c5c0f109b99bd17ceaed2601f77ef785961eba2c7fbeeae
- SSDEEP
  
  3072:HhKv6s9HuueT3vQfEdArGzHq+egM5bylnO/hZP:BKvX9HuuebQMdArGzHregqgnO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2