f35b71c116807ac81c0aa9c60c3946262c7680aeea56cb243d2bd993cef80875 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bed86abea14be8fd14820e2d68c79334_JC.exe
Size

148KB
Sample

231005-yjr4fsha33
MD5

bed86abea14be8fd14820e2d68c79334
SHA1

c9d53dc1b09a252eb3eb6965b70152f35f01f928
SHA256

f35b71c116807ac81c0aa9c60c3946262c7680aeea56cb243d2bd993cef80875
SHA512

dae9ddb8bcefdd7f68f9005a123cbc743af436b9cd8b132709baee0fb5b8f9f697f9f5fcc2a2ecd4f3b699ae350793000690aaf9950fa03e969149d67233b13c
SSDEEP

3072:TKPpV3iLtX9JaqWETebbGWHS7z9v8nrJDtD5adCpAl:TKPY3JfWEUGWH0zV8rJDtDqcAl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bed86abea14be8fd14820e2d68c79334_JC.exe
- Size
  
  148KB
- MD5
  
  bed86abea14be8fd14820e2d68c79334
- SHA1
  
  c9d53dc1b09a252eb3eb6965b70152f35f01f928
- SHA256
  
  f35b71c116807ac81c0aa9c60c3946262c7680aeea56cb243d2bd993cef80875
- SHA512
  
  dae9ddb8bcefdd7f68f9005a123cbc743af436b9cd8b132709baee0fb5b8f9f697f9f5fcc2a2ecd4f3b699ae350793000690aaf9950fa03e969149d67233b13c
- SSDEEP
  
  3072:TKPpV3iLtX9JaqWETebbGWHS7z9v8nrJDtD5adCpAl:TKPY3JfWEUGWH0zV8rJDtDqcAl
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2