1838fcfe826e785bb9b4156944a449b0e2417cfb57103889312328e6e44608ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e928a7940e533a95b87a16e95ef61cc_JC.exe
Size

430KB
Sample

231005-xtf89sge82
MD5

9e928a7940e533a95b87a16e95ef61cc
SHA1

74c8c830a0f64ff9a7cfe693d9d59b3ca8ac29b9
SHA256

1838fcfe826e785bb9b4156944a449b0e2417cfb57103889312328e6e44608ca
SHA512

545398d507adc9ce3a3aabf256e27bb481c97ec7fbb360bbc81e9d439ccc7b5f03573d0bb936b641e715f7f6c91e98cb55ea8c2bcea638dfd8ffb330d3aeed97
SSDEEP

3072:R2gvLNHn2lk++/jVAURfE+HAokWmvEie0RFz3yE2ZwVh16Mz7GFD0AlWsnzj:R26Hsp+/jRs+HLlD0rN2ZwVht740Psz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9e928a7940e533a95b87a16e95ef61cc_JC.exe
- Size
  
  430KB
- MD5
  
  9e928a7940e533a95b87a16e95ef61cc
- SHA1
  
  74c8c830a0f64ff9a7cfe693d9d59b3ca8ac29b9
- SHA256
  
  1838fcfe826e785bb9b4156944a449b0e2417cfb57103889312328e6e44608ca
- SHA512
  
  545398d507adc9ce3a3aabf256e27bb481c97ec7fbb360bbc81e9d439ccc7b5f03573d0bb936b641e715f7f6c91e98cb55ea8c2bcea638dfd8ffb330d3aeed97
- SSDEEP
  
  3072:R2gvLNHn2lk++/jVAURfE+HAokWmvEie0RFz3yE2ZwVh16Mz7GFD0AlWsnzj:R26Hsp+/jRs+HLlD0rN2ZwVht740Psz
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2