993562eb7581a04391829795a47c09be052f75b0d2315f2e3c16c35b77b5d978 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2d5259e06836f5e7292ccf427d5f669a_JC.exe
Size

67KB
Sample

231014-k6vafade79
MD5

2d5259e06836f5e7292ccf427d5f669a
SHA1

c8b31fb64ecd83b1fbade091c7595d525fa3c9a6
SHA256

993562eb7581a04391829795a47c09be052f75b0d2315f2e3c16c35b77b5d978
SHA512

c280dd4108543796f0637e70db388c853cc401b49c93c0297650c82357efd70b665c2d790e42bd123fa84b0c4e0fe528923eebe7e6471c8770b6f3d0f576e8db
SSDEEP

1536:FNxU+W+73uSpoo3e/8+dcr2yS7ytMuh1MAHHH9o/s:NU+W+qNo3e9Sy/K09/s

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.2d5259e06836f5e7292ccf427d5f669a_JC.exe
- Size
  
  67KB
- MD5
  
  2d5259e06836f5e7292ccf427d5f669a
- SHA1
  
  c8b31fb64ecd83b1fbade091c7595d525fa3c9a6
- SHA256
  
  993562eb7581a04391829795a47c09be052f75b0d2315f2e3c16c35b77b5d978
- SHA512
  
  c280dd4108543796f0637e70db388c853cc401b49c93c0297650c82357efd70b665c2d790e42bd123fa84b0c4e0fe528923eebe7e6471c8770b6f3d0f576e8db
- SSDEEP
  
  1536:FNxU+W+73uSpoo3e/8+dcr2yS7ytMuh1MAHHH9o/s:NU+W+qNo3e9Sy/K09/s
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2