0cf44eeafb92e1fd75fb904e7433da7a031c01c4a7f31a6c1acd9018749f04a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.35c22e6fee6b772e75d43d0a303f8ab7_JC.exe
Size

465KB
Sample

231011-szaapahh52
MD5

35c22e6fee6b772e75d43d0a303f8ab7
SHA1

4619ca102858f5b69e08f83ffc82079fc9603dbd
SHA256

0cf44eeafb92e1fd75fb904e7433da7a031c01c4a7f31a6c1acd9018749f04a4
SHA512

0a6564da0bf4e24b6f4f91b5d8f63302be18dc904b12e49f525379647ec6fefd971bd16f55b3e868c1d624a8b0cbdd8f61e446140aa46df802210d88f2ae08be
SSDEEP

6144:xysEQfEgy/PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5frdQt383PQ///NR5fp:xykfHb/Ng1/Nmr/Ng1/NSf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.35c22e6fee6b772e75d43d0a303f8ab7_JC.exe
- Size
  
  465KB
- MD5
  
  35c22e6fee6b772e75d43d0a303f8ab7
- SHA1
  
  4619ca102858f5b69e08f83ffc82079fc9603dbd
- SHA256
  
  0cf44eeafb92e1fd75fb904e7433da7a031c01c4a7f31a6c1acd9018749f04a4
- SHA512
  
  0a6564da0bf4e24b6f4f91b5d8f63302be18dc904b12e49f525379647ec6fefd971bd16f55b3e868c1d624a8b0cbdd8f61e446140aa46df802210d88f2ae08be
- SSDEEP
  
  6144:xysEQfEgy/PQ///NR5fKr2n0MO3LPlkUCmVs5bPQ///NR5frdQt383PQ///NR5fp:xykfHb/Ng1/Nmr/Ng1/NSf
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2