7c3dd0e7d1f702c41e6eef021d7147e96d553e30bcccb04539970dc72080c244 | Triage

Sharing

General

Target

NEAS.NEASa4d0b461860c7d0b97709064fd9857acexe_JC.exe
Size

340KB
Sample

231016-qq1p6sfe3w
MD5

a4d0b461860c7d0b97709064fd9857ac
SHA1

43b3dfb9f0fadb887487a15a18274087b61b72f9
SHA256

7c3dd0e7d1f702c41e6eef021d7147e96d553e30bcccb04539970dc72080c244
SHA512

1e0e63b9d8af226e8b0b39465e891a15b9eb18fa883f033cee6d9992905b232325f49a6741fe4d9e333dc48922fc360174a8e0bebce1d346d6df39072e39f732
SSDEEP

6144:WwfTm3/fc/UmKyIxLDXXoq9FJZCUmKyIxLjh:Wwf32XXf9Do3i

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.NEASa4d0b461860c7d0b97709064fd9857acexe_JC.exe
- Size
  
  340KB
- MD5
  
  a4d0b461860c7d0b97709064fd9857ac
- SHA1
  
  43b3dfb9f0fadb887487a15a18274087b61b72f9
- SHA256
  
  7c3dd0e7d1f702c41e6eef021d7147e96d553e30bcccb04539970dc72080c244
- SHA512
  
  1e0e63b9d8af226e8b0b39465e891a15b9eb18fa883f033cee6d9992905b232325f49a6741fe4d9e333dc48922fc360174a8e0bebce1d346d6df39072e39f732
- SSDEEP
  
  6144:WwfTm3/fc/UmKyIxLDXXoq9FJZCUmKyIxLjh:Wwf32XXf9Do3i
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2