35ae5d7b0bd61b3ca18b1575e132c504b4bcab99a158dd5a1c9ce92945addfc2 | Triage

Sharing

General

Target

35ae5d7b0bd61b3ca18b1575e132c504b4bcab99a158dd5a1c9ce92945addfc2_JC.zip
Size

24.8MB
Sample

230815-stvz7sdc8y
MD5

16a34b0e194b3f825a19db5363df4cca
SHA1

9d859bc8d2ffda11105b06b20e5f48cec78540c1
SHA256

35ae5d7b0bd61b3ca18b1575e132c504b4bcab99a158dd5a1c9ce92945addfc2
SHA512

25f5a3ce74738dc6d1f5294412dee12050b9f35ba733fe27ed62e1a1732df3724d15454ee741c3e45653bf4a116820bbdc7f0d2ab7661670dccad2781145c8db
SSDEEP

384:Z+8+ba0PH3XVgp/mYIDm/QuG/bSbiNsvidDTn1VhGiplDQpB+y:abXP8tIiQuGTUiSaVcZ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  현황조사표.xlsx.lnk
- Size
  
  24.8MB
- MD5
  
  0eb8db3cbde470407f942fd63afe42b8
- SHA1
  
  b93c13204acb4819c7688f847b1470ac25df52b3
- SHA256
  
  a39831ecbe0792adf87f63fb99557356ba688e5f6da8c2b058d2a3d0f0d7d1e4
- SHA512
  
  d2d05ac85b7e16cc26562317a043e6b90d970464e1837450ca46ffc2c3e9e3ed7e8202b98048787a23711b4af816aaa22972869db07e834ffdc1658780e57ae5
- SSDEEP
  
  384:8+8+ba0vH3XVgL/mYIDm/QuG/bSbiNsvidDTn1VhGiplDQpB+H:pbXvEtIiQuGTUiSaVcw
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2