6c1171cd2fbd87507f87197d1cb3f7177797b0101fd98e2d59d76def91eb2119 | Triage

Sharing

General

Target

e4cc26fa04c068e958685362257cfb82_JC.exe
Size

426KB
Sample

231011-kafr6sda66
MD5

e4cc26fa04c068e958685362257cfb82
SHA1

4cb70f7399affad7a143c251eee281645606431a
SHA256

6c1171cd2fbd87507f87197d1cb3f7177797b0101fd98e2d59d76def91eb2119
SHA512

85d62d6e3bcfa1021ee1bf5fbf637d7e759b2aea7c56fafb4cffaccbb07a0da71d505695fd9a31140a57d85d9f7a79aaf0098f5ebab12bae4bd137cf1d661029
SSDEEP

6144:v7/KEkdtQXX0ve6UK+42GTQMJSZO5f7y164kND4Th:vYcfkY660f+04iD4Th

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e4cc26fa04c068e958685362257cfb82_JC.exe
- Size
  
  426KB
- MD5
  
  e4cc26fa04c068e958685362257cfb82
- SHA1
  
  4cb70f7399affad7a143c251eee281645606431a
- SHA256
  
  6c1171cd2fbd87507f87197d1cb3f7177797b0101fd98e2d59d76def91eb2119
- SHA512
  
  85d62d6e3bcfa1021ee1bf5fbf637d7e759b2aea7c56fafb4cffaccbb07a0da71d505695fd9a31140a57d85d9f7a79aaf0098f5ebab12bae4bd137cf1d661029
- SSDEEP
  
  6144:v7/KEkdtQXX0ve6UK+42GTQMJSZO5f7y164kND4Th:vYcfkY660f+04iD4Th
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2