2ca1d256b48ed1f5f607a3f9af91fd98cea5d659a0b3f70b29c5ff082c9d52e2 | Triage

Sharing

General

Target

492eb5ec4f3501718b3b8c82064480c0_NEAS
Size

256KB
Sample

240507-b6qgtafh33
MD5

492eb5ec4f3501718b3b8c82064480c0
SHA1

d14b5fc4c31ea8fcb07c5a24cedaa1ef87f287e3
SHA256

2ca1d256b48ed1f5f607a3f9af91fd98cea5d659a0b3f70b29c5ff082c9d52e2
SHA512

492d47d9b11ea899afe3be5c1be703232835cd2752bd4faf3089624f97c7c5e66bc74f01e5e68fcc715ac5532dbadeabd6af5f1717f23c4b6af31b1f76e85b14
SSDEEP

6144:hjicY5uiKPXuapoaCPXbo92ynnZlVrtv35CPXbo92ynnH:hjicY8ruqFHRD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  492eb5ec4f3501718b3b8c82064480c0_NEAS
- Size
  
  256KB
- MD5
  
  492eb5ec4f3501718b3b8c82064480c0
- SHA1
  
  d14b5fc4c31ea8fcb07c5a24cedaa1ef87f287e3
- SHA256
  
  2ca1d256b48ed1f5f607a3f9af91fd98cea5d659a0b3f70b29c5ff082c9d52e2
- SHA512
  
  492d47d9b11ea899afe3be5c1be703232835cd2752bd4faf3089624f97c7c5e66bc74f01e5e68fcc715ac5532dbadeabd6af5f1717f23c4b6af31b1f76e85b14
- SSDEEP
  
  6144:hjicY5uiKPXuapoaCPXbo92ynnZlVrtv35CPXbo92ynnH:hjicY8ruqFHRD
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2