f6115e6cefebdd58e3634979e13358225ae97a3f340afd4c3c78cf429fecebbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.df145e8fba28bc795b3e4780db810740.exe
Size

520KB
Sample

231118-cw4r5ahc99
MD5

df145e8fba28bc795b3e4780db810740
SHA1

17d8b9505b53b6b750f5de9850adb987105e1e5f
SHA256

f6115e6cefebdd58e3634979e13358225ae97a3f340afd4c3c78cf429fecebbc
SHA512

c497813025203242050f34fc079cf4d5901c9ad1b661c31a6c45f39436d7595e505d1d8d79ed96fb19dbba872c04b3baa632d20d9b6da895972df62a35512695
SSDEEP

6144:cdy0V5CPXbo92ynnJz2LDK5S5CPXbo92ynnFjbHTFc7UaiYu5CPXbo92ynnJz2LO:cdy2NK/KUhzi7AZNK/KUhW

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.df145e8fba28bc795b3e4780db810740.exe
- Size
  
  520KB
- MD5
  
  df145e8fba28bc795b3e4780db810740
- SHA1
  
  17d8b9505b53b6b750f5de9850adb987105e1e5f
- SHA256
  
  f6115e6cefebdd58e3634979e13358225ae97a3f340afd4c3c78cf429fecebbc
- SHA512
  
  c497813025203242050f34fc079cf4d5901c9ad1b661c31a6c45f39436d7595e505d1d8d79ed96fb19dbba872c04b3baa632d20d9b6da895972df62a35512695
- SSDEEP
  
  6144:cdy0V5CPXbo92ynnJz2LDK5S5CPXbo92ynnFjbHTFc7UaiYu5CPXbo92ynnJz2LO:cdy2NK/KUhzi7AZNK/KUhW
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2