c85bf17727f837671282ffd39a3860b407739ae65af38cea7d6c91fa15c5f609 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85493b9c713d4e5a844e737e5ab6ee03_JC.exe
Size

136KB
Sample

231013-axgmwaga6z
MD5

85493b9c713d4e5a844e737e5ab6ee03
SHA1

2978dba5dff9cbd658c0a9c435fbbfd98cc36126
SHA256

c85bf17727f837671282ffd39a3860b407739ae65af38cea7d6c91fa15c5f609
SHA512

8efc6f7d4002e9001e8bfece2ba58503c558ce7cf654823d16478b0321daa687a51a4a55382c1c70ee0ccbea516a89fc420143e23b035b1a1054f4b487dd3e69
SSDEEP

3072:yvZpW3PgV1flEEk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/gU:yBpWoV1tEEFtCApaH8m3QIvMWH5H3U

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  85493b9c713d4e5a844e737e5ab6ee03_JC.exe
- Size
  
  136KB
- MD5
  
  85493b9c713d4e5a844e737e5ab6ee03
- SHA1
  
  2978dba5dff9cbd658c0a9c435fbbfd98cc36126
- SHA256
  
  c85bf17727f837671282ffd39a3860b407739ae65af38cea7d6c91fa15c5f609
- SHA512
  
  8efc6f7d4002e9001e8bfece2ba58503c558ce7cf654823d16478b0321daa687a51a4a55382c1c70ee0ccbea516a89fc420143e23b035b1a1054f4b487dd3e69
- SSDEEP
  
  3072:yvZpW3PgV1flEEk8QYxQdLrCimBaH8UH30ZIvM6qMH5X3O/gU:yBpWoV1tEEFtCApaH8m3QIvMWH5H3U
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2