de70bd56fdce71bafa22b9edda89f132794a2e8d5cd07fed5ea6c6fa35d87aa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f9e397291f05e8efcd03693d46ebf115_JC.exe
Size

153KB
Sample

231011-xng9daha84
MD5

f9e397291f05e8efcd03693d46ebf115
SHA1

55f91405f54e5fe5adb58125a764247456d3394a
SHA256

de70bd56fdce71bafa22b9edda89f132794a2e8d5cd07fed5ea6c6fa35d87aa3
SHA512

16ae6f32952c8e3ce3e0beb119d8ec74db911117dad38e6eb854b6d690039f5740664a73fdcafbd22dc2f40793b1f8b6ef8d3171a87dc4b2cbdbed23826d39b9
SSDEEP

3072:huhch7DNzKIeUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:2qDtdAHj05xP3DZyN1eRppzcexn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.f9e397291f05e8efcd03693d46ebf115_JC.exe
- Size
  
  153KB
- MD5
  
  f9e397291f05e8efcd03693d46ebf115
- SHA1
  
  55f91405f54e5fe5adb58125a764247456d3394a
- SHA256
  
  de70bd56fdce71bafa22b9edda89f132794a2e8d5cd07fed5ea6c6fa35d87aa3
- SHA512
  
  16ae6f32952c8e3ce3e0beb119d8ec74db911117dad38e6eb854b6d690039f5740664a73fdcafbd22dc2f40793b1f8b6ef8d3171a87dc4b2cbdbed23826d39b9
- SSDEEP
  
  3072:huhch7DNzKIeUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:2qDtdAHj05xP3DZyN1eRppzcexn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2