29474ae8f576c7daf698952eb78c018b2dbed5931d064c9f24b69f51e3b2fbf4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28da5c1e0e22154483fa3c0039415c20_JC.exe
Size

256KB
Sample

231001-ntjjysad31
MD5

28da5c1e0e22154483fa3c0039415c20
SHA1

0dab5f317763d38bd877a40ad7548e87568a6e58
SHA256

29474ae8f576c7daf698952eb78c018b2dbed5931d064c9f24b69f51e3b2fbf4
SHA512

87bbfac869002f6d2e7071e2332f0f5e5ee3aa5b5c4497f53c12c87aa47d3f34f47a0f3e858ce6f9aeb2d12cf3ad7f7034b6c32da13481df5a7ccd956f58fffb
SSDEEP

6144:1LDWFj3i7IDOW9C81NByvZ6Mxv5Rar3O6B9fZSLhZmzbBy9:cFm7IDf9C8HByvNv54B9f01ZmHBy9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  28da5c1e0e22154483fa3c0039415c20_JC.exe
- Size
  
  256KB
- MD5
  
  28da5c1e0e22154483fa3c0039415c20
- SHA1
  
  0dab5f317763d38bd877a40ad7548e87568a6e58
- SHA256
  
  29474ae8f576c7daf698952eb78c018b2dbed5931d064c9f24b69f51e3b2fbf4
- SHA512
  
  87bbfac869002f6d2e7071e2332f0f5e5ee3aa5b5c4497f53c12c87aa47d3f34f47a0f3e858ce6f9aeb2d12cf3ad7f7034b6c32da13481df5a7ccd956f58fffb
- SSDEEP
  
  6144:1LDWFj3i7IDOW9C81NByvZ6Mxv5Rar3O6B9fZSLhZmzbBy9:cFm7IDf9C8HByvNv54B9f01ZmHBy9
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2