c4d35ef2cb0b9acfbaa195fa2fa933993b3f4e35185fdb15e21074db42b45c9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.963a1637f4d794ada4c93785d4709df0_JC.exe
Size

292KB
Sample

231022-r9xy3abg55
MD5

963a1637f4d794ada4c93785d4709df0
SHA1

a425510463a97dcce37732a6be8191d8297dde67
SHA256

c4d35ef2cb0b9acfbaa195fa2fa933993b3f4e35185fdb15e21074db42b45c9c
SHA512

9c2e68cfafbb8f973cb1a39990f327ef0dafdd3c660d8c45d95190cac31272cef10d42ae359f799ebcaed1b8f72fc767c516f69d81f519b4f50483859ae0bfcb
SSDEEP

6144:ZE6aAW6SNSHWq/buDtbgTjHfkrZByBp1hM3yG:baAW6cS2qjusavyDfG

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.963a1637f4d794ada4c93785d4709df0_JC.exe
- Size
  
  292KB
- MD5
  
  963a1637f4d794ada4c93785d4709df0
- SHA1
  
  a425510463a97dcce37732a6be8191d8297dde67
- SHA256
  
  c4d35ef2cb0b9acfbaa195fa2fa933993b3f4e35185fdb15e21074db42b45c9c
- SHA512
  
  9c2e68cfafbb8f973cb1a39990f327ef0dafdd3c660d8c45d95190cac31272cef10d42ae359f799ebcaed1b8f72fc767c516f69d81f519b4f50483859ae0bfcb
- SSDEEP
  
  6144:ZE6aAW6SNSHWq/buDtbgTjHfkrZByBp1hM3yG:baAW6cS2qjusavyDfG
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2