0ce3765954d734b6dbaa365b099fb175e292b6b35c81307e552cb4a06ab0b1e9 | Triage

Sharing

General

Target

NEAS.e31573ecebca57c468b6589db4a820f0.exe
Size

91KB
Sample

231118-dw1k5sbb6s
MD5

e31573ecebca57c468b6589db4a820f0
SHA1

d1b9c78bb5d1cc39c28555cce9678552f1e6c819
SHA256

0ce3765954d734b6dbaa365b099fb175e292b6b35c81307e552cb4a06ab0b1e9
SHA512

fa360d55241a4f80b63b098dc1fa4920c8332ae4a148907f4e09aae34469331c55bb4b2ecb9cb5d0a65cbe0913279064793cad0afffd6963330810cb8a1292cd
SSDEEP

1536:8lEksbBUKLHLaVHAFMsWLaZ+LfFAuE1LuAu4wiF/W/gPCLLNMgw6:J/0VgHQaZ+fFANLrwKW/zLR/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.e31573ecebca57c468b6589db4a820f0.exe
- Size
  
  91KB
- MD5
  
  e31573ecebca57c468b6589db4a820f0
- SHA1
  
  d1b9c78bb5d1cc39c28555cce9678552f1e6c819
- SHA256
  
  0ce3765954d734b6dbaa365b099fb175e292b6b35c81307e552cb4a06ab0b1e9
- SHA512
  
  fa360d55241a4f80b63b098dc1fa4920c8332ae4a148907f4e09aae34469331c55bb4b2ecb9cb5d0a65cbe0913279064793cad0afffd6963330810cb8a1292cd
- SSDEEP
  
  1536:8lEksbBUKLHLaVHAFMsWLaZ+LfFAuE1LuAu4wiF/W/gPCLLNMgw6:J/0VgHQaZ+fFANLrwKW/zLR/
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2