8ecf0ce46182f8321105f19ba1e50cd68925e481a9b7c64088a8d93039333914 | Triage

Sharing

General

Target

8e5e85b87b0a5d6470b847ee3a76ac01_JC.exe
Size

155KB
Sample

230923-pqzbnshc53
MD5

8e5e85b87b0a5d6470b847ee3a76ac01
SHA1

b6e0d79528f0af642a099a1dfa22b8480200969c
SHA256

8ecf0ce46182f8321105f19ba1e50cd68925e481a9b7c64088a8d93039333914
SHA512

f88c3acb968fbc0f59b3d4a1c259d8b3282edde4bf155b2b89bf2b1d94cfa33c50cc4d1e70291e2c6a200919ac4d2a76dddf636847bf52d12b472d32716ec1f6
SSDEEP

3072:TrCgnNFlJaA9L2/qM5wUVryEznYfzB9BSwWO:Tr72A9L+51VryYOzLcK

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8e5e85b87b0a5d6470b847ee3a76ac01_JC.exe
- Size
  
  155KB
- MD5
  
  8e5e85b87b0a5d6470b847ee3a76ac01
- SHA1
  
  b6e0d79528f0af642a099a1dfa22b8480200969c
- SHA256
  
  8ecf0ce46182f8321105f19ba1e50cd68925e481a9b7c64088a8d93039333914
- SHA512
  
  f88c3acb968fbc0f59b3d4a1c259d8b3282edde4bf155b2b89bf2b1d94cfa33c50cc4d1e70291e2c6a200919ac4d2a76dddf636847bf52d12b472d32716ec1f6
- SSDEEP
  
  3072:TrCgnNFlJaA9L2/qM5wUVryEznYfzB9BSwWO:Tr72A9L+51VryYOzLcK
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2