e19622d58a6f5c7994fed6a1b01fb33a2fdba80b5dc40bd04294cb765ad1fb56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.130b2c585b5f9e68b33d2e4adcbd4d36_JC.exe
Size

98KB
Sample

231011-spatgaha42
MD5

130b2c585b5f9e68b33d2e4adcbd4d36
SHA1

9d18cc33828557668f36acde06582d6eb0d987a9
SHA256

e19622d58a6f5c7994fed6a1b01fb33a2fdba80b5dc40bd04294cb765ad1fb56
SHA512

061ea27630e16a2cd60c97b4cd44b9e78c66810e28d2abc7a4e4ccfe1bfe49e506dafc5ba5d4d194be9d4054036f184954c42f8c9fc4a080ad2d455f4a8adeb9
SSDEEP

3072:NU+W+qNo3e9Sy/WuRad666Cjzzz0LWW+rre:S+WJ9SHuRa1jzzz0LWW+rre

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.130b2c585b5f9e68b33d2e4adcbd4d36_JC.exe
- Size
  
  98KB
- MD5
  
  130b2c585b5f9e68b33d2e4adcbd4d36
- SHA1
  
  9d18cc33828557668f36acde06582d6eb0d987a9
- SHA256
  
  e19622d58a6f5c7994fed6a1b01fb33a2fdba80b5dc40bd04294cb765ad1fb56
- SHA512
  
  061ea27630e16a2cd60c97b4cd44b9e78c66810e28d2abc7a4e4ccfe1bfe49e506dafc5ba5d4d194be9d4054036f184954c42f8c9fc4a080ad2d455f4a8adeb9
- SSDEEP
  
  3072:NU+W+qNo3e9Sy/WuRad666Cjzzz0LWW+rre:S+WJ9SHuRa1jzzz0LWW+rre
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2