2d448b25c9c4ef43746359a9ca535509c20b1eb4ea36419976bfdb41ba225d5c | Triage

Sharing

General

Target

NEAS.bc210fd7f23041dae592d6152b883c40.exe
Size

477KB
Sample

231117-wp5wdsdc8w
MD5

bc210fd7f23041dae592d6152b883c40
SHA1

890bc8e32e94b974cbe1d37d181ecc6c22f576ec
SHA256

2d448b25c9c4ef43746359a9ca535509c20b1eb4ea36419976bfdb41ba225d5c
SHA512

f28b5a7716f018470707fde97444d60ddf0fe8d1eaeb967a4bca6ac4a63d17edee0ccda56e2e7c7453a4dd0e01e9b9a27a57af3a47b779633a04bdd336ad686e
SSDEEP

6144:4CQ9NiZV1on/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uony:4LXjNIVyeNIVy2oIvPKO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.bc210fd7f23041dae592d6152b883c40.exe
- Size
  
  477KB
- MD5
  
  bc210fd7f23041dae592d6152b883c40
- SHA1
  
  890bc8e32e94b974cbe1d37d181ecc6c22f576ec
- SHA256
  
  2d448b25c9c4ef43746359a9ca535509c20b1eb4ea36419976bfdb41ba225d5c
- SHA512
  
  f28b5a7716f018470707fde97444d60ddf0fe8d1eaeb967a4bca6ac4a63d17edee0ccda56e2e7c7453a4dd0e01e9b9a27a57af3a47b779633a04bdd336ad686e
- SSDEEP
  
  6144:4CQ9NiZV1on/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uony:4LXjNIVyeNIVy2oIvPKO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2