ec2aa633d27ff78467fbb12633c69f0d0d65d7d808a110adaed13d7e062c5e0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2550e3835c867fd8448bda1ae9df461_JC.exe
Size

257KB
Sample

231011-kalnesda85
MD5

e2550e3835c867fd8448bda1ae9df461
SHA1

ab06aa02b3279c04f4a4539b8543119ad0bbc18f
SHA256

ec2aa633d27ff78467fbb12633c69f0d0d65d7d808a110adaed13d7e062c5e0a
SHA512

04871d9c0afd3913aefc983b4d9f64216d3889fb46880e05dcbb9d45d35c9adc1eb0dadb16835f238f02c47c82701f66ce883446c54e80bd012cbf1d9a0b2276
SSDEEP

3072:IAS4cgMxdfccfyqNPXSMBoutkTy27zh5cl:tJhuhccfvN/lBoSkTl7zjK

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e2550e3835c867fd8448bda1ae9df461_JC.exe
- Size
  
  257KB
- MD5
  
  e2550e3835c867fd8448bda1ae9df461
- SHA1
  
  ab06aa02b3279c04f4a4539b8543119ad0bbc18f
- SHA256
  
  ec2aa633d27ff78467fbb12633c69f0d0d65d7d808a110adaed13d7e062c5e0a
- SHA512
  
  04871d9c0afd3913aefc983b4d9f64216d3889fb46880e05dcbb9d45d35c9adc1eb0dadb16835f238f02c47c82701f66ce883446c54e80bd012cbf1d9a0b2276
- SSDEEP
  
  3072:IAS4cgMxdfccfyqNPXSMBoutkTy27zh5cl:tJhuhccfvN/lBoSkTl7zjK
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2