519f78ac37df2c017244f57a44b0a8ae30611d33f4e8fc5de2719e1e2650c069 | Triage

Sharing

General

Target

dfaf3a7c12810b18c38e0be0ffb13536_JC.exe
Size

235KB
Sample

231011-kavlbsdb29
MD5

dfaf3a7c12810b18c38e0be0ffb13536
SHA1

77911a71a81929920ce4ad74d13777c5bcdc0304
SHA256

519f78ac37df2c017244f57a44b0a8ae30611d33f4e8fc5de2719e1e2650c069
SHA512

e25548c812f6ee914dfb48029385d730a99859d3ddca8dc6bbd800bfa436cbfa01b5ae00ab27cad8961df0687ba53be3acf5577885621aea7edf72799d327e8a
SSDEEP

3072:LlIvf1+xc9UtsR9HOVMgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ4vnZy7L5AuJaW4bu:5I6c79ulrtMsQB+vn87L5A5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dfaf3a7c12810b18c38e0be0ffb13536_JC.exe
- Size
  
  235KB
- MD5
  
  dfaf3a7c12810b18c38e0be0ffb13536
- SHA1
  
  77911a71a81929920ce4ad74d13777c5bcdc0304
- SHA256
  
  519f78ac37df2c017244f57a44b0a8ae30611d33f4e8fc5de2719e1e2650c069
- SHA512
  
  e25548c812f6ee914dfb48029385d730a99859d3ddca8dc6bbd800bfa436cbfa01b5ae00ab27cad8961df0687ba53be3acf5577885621aea7edf72799d327e8a
- SSDEEP
  
  3072:LlIvf1+xc9UtsR9HOVMgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ4vnZy7L5AuJaW4bu:5I6c79ulrtMsQB+vn87L5A5
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2