48a32ebb3b4db46d1a9ed28ff17770daeb2e16e40a4a2ba0a7759618a660e969 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.398b6183c4bd64ced569df887d906a95.exe
Size

2.0MB
Sample

231117-vks6csce51
MD5

398b6183c4bd64ced569df887d906a95
SHA1

2ebcfa6ce4ff92e3fe0730998e74da9a7e7c91a9
SHA256

48a32ebb3b4db46d1a9ed28ff17770daeb2e16e40a4a2ba0a7759618a660e969
SHA512

c48358cd69e6525cedf457ff677de974c185a565f6cb926728d932f360cbda2ec21f5de8a9ec397282642f993e39b4d528403e4216eae2a8feac9bb5f8f6fb53
SSDEEP

12288:PXTQBpnchWcZoObfOS+9YGc3l1+RobUCmf2bx3zBX3yF+EKFhDzP3UZ9xE9jKB3y:PTQDcLfDdGOVmfihmevP3r9jKB3nwPg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.398b6183c4bd64ced569df887d906a95.exe
- Size
  
  2.0MB
- MD5
  
  398b6183c4bd64ced569df887d906a95
- SHA1
  
  2ebcfa6ce4ff92e3fe0730998e74da9a7e7c91a9
- SHA256
  
  48a32ebb3b4db46d1a9ed28ff17770daeb2e16e40a4a2ba0a7759618a660e969
- SHA512
  
  c48358cd69e6525cedf457ff677de974c185a565f6cb926728d932f360cbda2ec21f5de8a9ec397282642f993e39b4d528403e4216eae2a8feac9bb5f8f6fb53
- SSDEEP
  
  12288:PXTQBpnchWcZoObfOS+9YGc3l1+RobUCmf2bx3zBX3yF+EKFhDzP3UZ9xE9jKB3y:PTQDcLfDdGOVmfihmevP3r9jKB3nwPg
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2