6545f1164d689609ed68843f54340adb9f291ef549b42bb3bc3e8479f39f606d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1384e1742c9dc08f9db4d25259fef3b_JC.exe
Size

100KB
Sample

230930-pgntksda98
MD5

b1384e1742c9dc08f9db4d25259fef3b
SHA1

264a061259e0194f1394e4903eeaa77ca8ef8b57
SHA256

6545f1164d689609ed68843f54340adb9f291ef549b42bb3bc3e8479f39f606d
SHA512

874c55069619a2d1d5c2f1bf9eb53c88ea01fa9fc7d61c5300be995851e5fa590b5ab45a143dd9ac804b17deb5498b2ac43417fd7036fc4da3f05724e43eb352
SSDEEP

1536:ZJ6TsywnsvTitUvPIKSW5t19eMq35glNFgblQQa3+om13XRzT:yTsYTitod5tSMqC5gb3a3+X13XRzT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b1384e1742c9dc08f9db4d25259fef3b_JC.exe
- Size
  
  100KB
- MD5
  
  b1384e1742c9dc08f9db4d25259fef3b
- SHA1
  
  264a061259e0194f1394e4903eeaa77ca8ef8b57
- SHA256
  
  6545f1164d689609ed68843f54340adb9f291ef549b42bb3bc3e8479f39f606d
- SHA512
  
  874c55069619a2d1d5c2f1bf9eb53c88ea01fa9fc7d61c5300be995851e5fa590b5ab45a143dd9ac804b17deb5498b2ac43417fd7036fc4da3f05724e43eb352
- SSDEEP
  
  1536:ZJ6TsywnsvTitUvPIKSW5t19eMq35glNFgblQQa3+om13XRzT:yTsYTitod5tSMqC5gb3a3+X13XRzT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2