ce1a59ec54d8f878d390ba294fcd7c09485b4b34ca84e7fbd04684078e9bd151 | Triage

Sharing

General

Target

nun.zip
Size

49KB
Sample

230712-hnvr5scc65
MD5

92db6983c76357a90ebfe6d0a21aa139
SHA1

c3b397662312a5ea229e934a89c8f3956375bc43
SHA256

ce1a59ec54d8f878d390ba294fcd7c09485b4b34ca84e7fbd04684078e9bd151
SHA512

331bd5e970dea1c952062015d08805ec79e1b71833aa12cf87649d353d1f76165fefe6385b5f5e1b52883a7e073c5923b9f07abb55f0421dfdcffa6e242353e5
SSDEEP

1536:XmTuFZMNzKMH2w9+/XShrVGYSh60egXzebT8OzRFW:EuFAu/ShIB60egX48Oq

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  nun.jar
- Size
  
  49KB
- MD5
  
  1ec26b2e83ccbffc6a8552d92d99a0da
- SHA1
  
  0158ee62d67584fcf1fe3d9665325762fbb1ee6e
- SHA256
  
  f3980210a51b33547b4fec31f77458036247dfcd12baca421eedc6bd4761aecf
- SHA512
  
  43d04bb614e170d3eda83d1783dbc58148b863e0c98cb10293c7a31bcae92ebdf55ad1a583336fbd005390d6fca13370f7a64a8b4a266f0d2aad53119aa01ff9
- SSDEEP
  
  768:BMoaNhfb2Ru7DBIJ/NxkRs8FmVyx468Bx7d+niXvh5913LQ5ip3+QEsZLHJ+x37M:EbyatImEZYENbQixEs5HJOI
Score

8^/10

evasion persistence
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence