f57720b507e7ee3ec5c642b41d63a562ad8f3febe5f889a162778ae061f08f5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5818391eed3c177d337c5e8d66028acd_JC.exe
Size

236KB
Sample

231008-rlmhescg6w
MD5

5818391eed3c177d337c5e8d66028acd
SHA1

c0c852c182fff009513cdfb737f911dd3cdd7d99
SHA256

f57720b507e7ee3ec5c642b41d63a562ad8f3febe5f889a162778ae061f08f5b
SHA512

f53583fe2340d0b22885f5f3f818f46f31fadb58403b5db71066db919e7118391a05f25233fb5e2b21445069785f80e831de8c85535ff5a78c704d9f34825788
SSDEEP

3072:q3b+aNgdd1FuqvhrJ9IDlRxyhTbhgu+tAcrbFAJc+RsUi1aVDkOvhJjvJUp:qr+aNgjukhrsDshsrtMsQB4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.5818391eed3c177d337c5e8d66028acd_JC.exe
- Size
  
  236KB
- MD5
  
  5818391eed3c177d337c5e8d66028acd
- SHA1
  
  c0c852c182fff009513cdfb737f911dd3cdd7d99
- SHA256
  
  f57720b507e7ee3ec5c642b41d63a562ad8f3febe5f889a162778ae061f08f5b
- SHA512
  
  f53583fe2340d0b22885f5f3f818f46f31fadb58403b5db71066db919e7118391a05f25233fb5e2b21445069785f80e831de8c85535ff5a78c704d9f34825788
- SSDEEP
  
  3072:q3b+aNgdd1FuqvhrJ9IDlRxyhTbhgu+tAcrbFAJc+RsUi1aVDkOvhJjvJUp:qr+aNgjukhrsDshsrtMsQB4
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2