3743526a597d5710a3195afbd5084187987ffb134d61187517c09cfa7f3a0274 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cbe0720e5fc75919fdc86a237760aa23_JC.exe
Size

151KB
Sample

231012-wkxn8afe2y
MD5

cbe0720e5fc75919fdc86a237760aa23
SHA1

1179414659b5de9d1ecfff8119f5745867570cf7
SHA256

3743526a597d5710a3195afbd5084187987ffb134d61187517c09cfa7f3a0274
SHA512

cb63bd853846fb84268c0d18b10dea0a94539284889f467df2d3bc0909671991b0324961487a1563cb38b44aa07b05df4275d0c3328e0d008b72804a08999bcb
SSDEEP

3072:XRI8VWgO2W9LcE2KawoZiMzkbHmOBzzCc:XRIvgnW9NcdobHm6zzCc

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  NEAS.cbe0720e5fc75919fdc86a237760aa23_JC.exe
- Size
  
  151KB
- MD5
  
  cbe0720e5fc75919fdc86a237760aa23
- SHA1
  
  1179414659b5de9d1ecfff8119f5745867570cf7
- SHA256
  
  3743526a597d5710a3195afbd5084187987ffb134d61187517c09cfa7f3a0274
- SHA512
  
  cb63bd853846fb84268c0d18b10dea0a94539284889f467df2d3bc0909671991b0324961487a1563cb38b44aa07b05df4275d0c3328e0d008b72804a08999bcb
- SSDEEP
  
  3072:XRI8VWgO2W9LcE2KawoZiMzkbHmOBzzCc:XRIvgnW9NcdobHm6zzCc
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2