2d9abd749c971c599a4feea32f1a7143646fdc5a2fbbb40e7dccf74157078e93 | Triage

Sharing

General

Target

NEAS.d715943f6fabfe6506a0b2ab399c9168.exe
Size

173KB
Sample

231117-vzpfqacg5z
MD5

d715943f6fabfe6506a0b2ab399c9168
SHA1

693f8f4a56af62e4dd533fa4e5475c2634ec95a7
SHA256

2d9abd749c971c599a4feea32f1a7143646fdc5a2fbbb40e7dccf74157078e93
SHA512

2c2f3017b49953cd49eb768160e447f17e681f3181f2bbcb41da6c88f85a88718ce80f43e0bff5ac62b641a80c271a527b4bb825f65941d6af97d2d5b11eb28a
SSDEEP

3072:SwyYcDxwr43lLpgOBCpiAB+s/vacknVwNtvSO06+ebX:SdYcDerIDB2ilsHhYyNtvSO0e

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d715943f6fabfe6506a0b2ab399c9168.exe
- Size
  
  173KB
- MD5
  
  d715943f6fabfe6506a0b2ab399c9168
- SHA1
  
  693f8f4a56af62e4dd533fa4e5475c2634ec95a7
- SHA256
  
  2d9abd749c971c599a4feea32f1a7143646fdc5a2fbbb40e7dccf74157078e93
- SHA512
  
  2c2f3017b49953cd49eb768160e447f17e681f3181f2bbcb41da6c88f85a88718ce80f43e0bff5ac62b641a80c271a527b4bb825f65941d6af97d2d5b11eb28a
- SSDEEP
  
  3072:SwyYcDxwr43lLpgOBCpiAB+s/vacknVwNtvSO06+ebX:SdYcDerIDB2ilsHhYyNtvSO0e
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2