74bec903024e702eb02bd935c0ad70062d8ff6aa7ed26d90c357feced98b28c8 | Triage

Sharing

General

Target

398d829f19274c4852d4d5cb195bd820_NEAS
Size

364KB
Sample

240507-l8py6sec96
MD5

398d829f19274c4852d4d5cb195bd820
SHA1

855293a3023265689f002db325f55fc47b9d8661
SHA256

74bec903024e702eb02bd935c0ad70062d8ff6aa7ed26d90c357feced98b28c8
SHA512

7ae2ceea90f2897f23cac24654df2d207a9263f589aaa09bff479b9dc24c86868a49bd5c3e2182e10e1af94beafc0b32fd6efcc5a34a38d5c681a8e30a8fb730
SSDEEP

6144:mAtUZBkxkin8eV+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:ztUZBkx5KtsNePmjvtPRRI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  398d829f19274c4852d4d5cb195bd820_NEAS
- Size
  
  364KB
- MD5
  
  398d829f19274c4852d4d5cb195bd820
- SHA1
  
  855293a3023265689f002db325f55fc47b9d8661
- SHA256
  
  74bec903024e702eb02bd935c0ad70062d8ff6aa7ed26d90c357feced98b28c8
- SHA512
  
  7ae2ceea90f2897f23cac24654df2d207a9263f589aaa09bff479b9dc24c86868a49bd5c3e2182e10e1af94beafc0b32fd6efcc5a34a38d5c681a8e30a8fb730
- SSDEEP
  
  6144:mAtUZBkxkin8eV+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:ztUZBkx5KtsNePmjvtPRRI
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2