816f047704dd9f43ca7057d9f376ccb99942e736015db4206a20b08ade25d57d | Triage

Sharing

General

Target

NEAS.NEASa6cb2d4d29677f76462d2d8eb3f60425exe_JC.exe
Size

300KB
Sample

231013-xe5cjsfc89
MD5

a6cb2d4d29677f76462d2d8eb3f60425
SHA1

692871f5b758a3c5793cf93737881b258a3f4ef3
SHA256

816f047704dd9f43ca7057d9f376ccb99942e736015db4206a20b08ade25d57d
SHA512

75c8866a69f2c13552d97f193d27b28e5fded5b546128d6485413c19793d7d62fdf775a546d1d01f9c072e05b1f8cca469f5d2d5b977fc0098eceea8544effac
SSDEEP

6144:9HTQwMLA4h2jvosK6mUzW0jAWRD2jvosK6mUzWh1T+/wPBfn8p:9zn14hx67fLx67EZ+/CBfg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.NEASa6cb2d4d29677f76462d2d8eb3f60425exe_JC.exe
- Size
  
  300KB
- MD5
  
  a6cb2d4d29677f76462d2d8eb3f60425
- SHA1
  
  692871f5b758a3c5793cf93737881b258a3f4ef3
- SHA256
  
  816f047704dd9f43ca7057d9f376ccb99942e736015db4206a20b08ade25d57d
- SHA512
  
  75c8866a69f2c13552d97f193d27b28e5fded5b546128d6485413c19793d7d62fdf775a546d1d01f9c072e05b1f8cca469f5d2d5b977fc0098eceea8544effac
- SSDEEP
  
  6144:9HTQwMLA4h2jvosK6mUzW0jAWRD2jvosK6mUzWh1T+/wPBfn8p:9zn14hx67fLx67EZ+/CBfg
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2