1d3ef5875f75bfd5a4adef7e6e9b01a9efc710d689ad7b9b44c90bce5378b147 | Triage

Sharing

General

Target

NEAS.d2ee3b4405f38df546f9c7bcd643a439_JC.exe
Size

89KB
Sample

231012-wpyr3shg65
MD5

d2ee3b4405f38df546f9c7bcd643a439
SHA1

e597c5906e3b962e2eadd7365fc7c1d16def5791
SHA256

1d3ef5875f75bfd5a4adef7e6e9b01a9efc710d689ad7b9b44c90bce5378b147
SHA512

6d79cbe61dc1d0230a3c6bd4f44677771b2c3466c55d8aabb70269802e461a9163c5ca89a800831d6c8493a5a44eae7c58cc34105d3e856b4e788255fa046094
SSDEEP

1536:IdIPAF1Fg6vofZuQzUQaXDQoz2av5Ybxv7O95QsfGJxcxlExkg8Fk:Id2EFHguqUQSQoz2OubxsQpxcxlakgwk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d2ee3b4405f38df546f9c7bcd643a439_JC.exe
- Size
  
  89KB
- MD5
  
  d2ee3b4405f38df546f9c7bcd643a439
- SHA1
  
  e597c5906e3b962e2eadd7365fc7c1d16def5791
- SHA256
  
  1d3ef5875f75bfd5a4adef7e6e9b01a9efc710d689ad7b9b44c90bce5378b147
- SHA512
  
  6d79cbe61dc1d0230a3c6bd4f44677771b2c3466c55d8aabb70269802e461a9163c5ca89a800831d6c8493a5a44eae7c58cc34105d3e856b4e788255fa046094
- SSDEEP
  
  1536:IdIPAF1Fg6vofZuQzUQaXDQoz2av5Ybxv7O95QsfGJxcxlExkg8Fk:Id2EFHguqUQSQoz2OubxsQpxcxlakgwk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2