c883c7d1163b09f66f3958deaf3fffd9d373973e05de3a79c27ef1ff1e8627f8 | Triage

Sharing

General

Target

NEAS.NEASb9e8478c1b1c77856e37d567ae52e8ceexe_JC.exe
Size

304KB
Sample

231016-qxnzysfg4v
MD5

b9e8478c1b1c77856e37d567ae52e8ce
SHA1

bdd81ab02602be0e68d5b8e9f2c4764feadbca1c
SHA256

c883c7d1163b09f66f3958deaf3fffd9d373973e05de3a79c27ef1ff1e8627f8
SHA512

2c553cf4b3ae1def079de59ac065c83da05beb8b3c2d905507d4c2777576a7ef31b60b9f5cb2f91f44c71e1f999008fbd89ec1a0a1f1be73a093dc7a75867664
SSDEEP

6144:xuVlGm1cszRyiJ7JrAbzjKYt/brTmwlzMhWJrAbz:wBRAKyBhM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.NEASb9e8478c1b1c77856e37d567ae52e8ceexe_JC.exe
- Size
  
  304KB
- MD5
  
  b9e8478c1b1c77856e37d567ae52e8ce
- SHA1
  
  bdd81ab02602be0e68d5b8e9f2c4764feadbca1c
- SHA256
  
  c883c7d1163b09f66f3958deaf3fffd9d373973e05de3a79c27ef1ff1e8627f8
- SHA512
  
  2c553cf4b3ae1def079de59ac065c83da05beb8b3c2d905507d4c2777576a7ef31b60b9f5cb2f91f44c71e1f999008fbd89ec1a0a1f1be73a093dc7a75867664
- SSDEEP
  
  6144:xuVlGm1cszRyiJ7JrAbzjKYt/brTmwlzMhWJrAbz:wBRAKyBhM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2