2c8db12ea69c8696df7ff684ebb8324d3feaa480d4f5dc80a518452c2cb2beee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04e11bc27c6d4273437d119c8b37f860_NEAS
Size

2.7MB
Sample

240507-xkna8acg92
MD5

04e11bc27c6d4273437d119c8b37f860
SHA1

1c1a89e4931af36d8b46d31ca2911753358a7ebd
SHA256

2c8db12ea69c8696df7ff684ebb8324d3feaa480d4f5dc80a518452c2cb2beee
SHA512

0b5f610feebc9b2b238d5916874b09da3716eafe8c3f82a4762e01dd734512479cb59e6b5df81a14954934f36a0d7820cd62f8ec5fe11cf44d94eea827fcb6eb
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBC9w4Sx:+R0pI/IQlUoMPdmpSpU4

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  04e11bc27c6d4273437d119c8b37f860_NEAS
- Size
  
  2.7MB
- MD5
  
  04e11bc27c6d4273437d119c8b37f860
- SHA1
  
  1c1a89e4931af36d8b46d31ca2911753358a7ebd
- SHA256
  
  2c8db12ea69c8696df7ff684ebb8324d3feaa480d4f5dc80a518452c2cb2beee
- SHA512
  
  0b5f610feebc9b2b238d5916874b09da3716eafe8c3f82a4762e01dd734512479cb59e6b5df81a14954934f36a0d7820cd62f8ec5fe11cf44d94eea827fcb6eb
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBC9w4Sx:+R0pI/IQlUoMPdmpSpU4
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2