0f72979a71ccb7bec6b889e86e42cc82e3ebc8a513ed6f43fee64c05cf8929d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7e4f63257d0211013e1e21d075745ec_JC.exe
Size

296KB
Sample

230923-remvlsga7s
MD5

d7e4f63257d0211013e1e21d075745ec
SHA1

4ad5f81fd095b82610b046b2f37bf7de1cd75af4
SHA256

0f72979a71ccb7bec6b889e86e42cc82e3ebc8a513ed6f43fee64c05cf8929d1
SHA512

3973ba339837e94bff64228f0c028248bd2fce3cda6a2d366d236faa5b1d3dd577f198c1b897db7e77f5a3acb86119d30db0e0b50ddec2fe97cfe9399bd0459f
SSDEEP

3072:HC4VI9JVzPgEgCe6yQQSARA1+6NhZ6P0c9fpxg6pg:HBU3gEtXyxoNPKG6g

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d7e4f63257d0211013e1e21d075745ec_JC.exe
- Size
  
  296KB
- MD5
  
  d7e4f63257d0211013e1e21d075745ec
- SHA1
  
  4ad5f81fd095b82610b046b2f37bf7de1cd75af4
- SHA256
  
  0f72979a71ccb7bec6b889e86e42cc82e3ebc8a513ed6f43fee64c05cf8929d1
- SHA512
  
  3973ba339837e94bff64228f0c028248bd2fce3cda6a2d366d236faa5b1d3dd577f198c1b897db7e77f5a3acb86119d30db0e0b50ddec2fe97cfe9399bd0459f
- SSDEEP
  
  3072:HC4VI9JVzPgEgCe6yQQSARA1+6NhZ6P0c9fpxg6pg:HBU3gEtXyxoNPKG6g
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2