1248eac3e37e4182cb2822af2210d4673888ee4fe315794fabe3094d470a5b6e | Triage

Sharing

General

Target

NEAS.c0a0c35afbe162d646507b0fa786720b_JC.exe
Size

128KB
Sample

231012-wb591aeh2y
MD5

c0a0c35afbe162d646507b0fa786720b
SHA1

704a8ca85dcf308b63d3256566728dbe28aa8da3
SHA256

1248eac3e37e4182cb2822af2210d4673888ee4fe315794fabe3094d470a5b6e
SHA512

4c0fd77d8bf450d4e2df2916790375a8cbe44f8565290d7e3656558b0d2e568638c56f441cce25a13a4a4a47751d95566487da4f892ab2836bf64c946e89197a
SSDEEP

3072:0NWIZgLPEN3aQRuwEjn2eepSJdEN0s4WE+3S9pui6yYPaI7DX:MvgLPE1RuwEj21YENm+3Mpui6yYPaI/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c0a0c35afbe162d646507b0fa786720b_JC.exe
- Size
  
  128KB
- MD5
  
  c0a0c35afbe162d646507b0fa786720b
- SHA1
  
  704a8ca85dcf308b63d3256566728dbe28aa8da3
- SHA256
  
  1248eac3e37e4182cb2822af2210d4673888ee4fe315794fabe3094d470a5b6e
- SHA512
  
  4c0fd77d8bf450d4e2df2916790375a8cbe44f8565290d7e3656558b0d2e568638c56f441cce25a13a4a4a47751d95566487da4f892ab2836bf64c946e89197a
- SSDEEP
  
  3072:0NWIZgLPEN3aQRuwEjn2eepSJdEN0s4WE+3S9pui6yYPaI7DX:MvgLPE1RuwEj21YENm+3Mpui6yYPaI/
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2