509716235af468e22cf97da9572d6b4fafb907b863acc9f8f06cfb3e9d4bd92a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b2e8863f565e9fd0fb566db43e9ac4d0_JC.exe
Size

257KB
Sample

231023-wqf9esdh42
MD5

b2e8863f565e9fd0fb566db43e9ac4d0
SHA1

20548ae84127652491c0acb650205eba180a54bf
SHA256

509716235af468e22cf97da9572d6b4fafb907b863acc9f8f06cfb3e9d4bd92a
SHA512

be4c5dc98c8a712d858f7b06f7546dcf4b52b03214f570606779d9edc3f390b41bb465c573e152e23fcaf4b7dfb5d45ffd78bf37a42817a81b0276956eccaa0d
SSDEEP

3072:z0HoFoptKNgnAjWQYxWB+UMDoutkTy27zh5cl:IHoFocCAWDoSkTl7zjK

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b2e8863f565e9fd0fb566db43e9ac4d0_JC.exe
- Size
  
  257KB
- MD5
  
  b2e8863f565e9fd0fb566db43e9ac4d0
- SHA1
  
  20548ae84127652491c0acb650205eba180a54bf
- SHA256
  
  509716235af468e22cf97da9572d6b4fafb907b863acc9f8f06cfb3e9d4bd92a
- SHA512
  
  be4c5dc98c8a712d858f7b06f7546dcf4b52b03214f570606779d9edc3f390b41bb465c573e152e23fcaf4b7dfb5d45ffd78bf37a42817a81b0276956eccaa0d
- SSDEEP
  
  3072:z0HoFoptKNgnAjWQYxWB+UMDoutkTy27zh5cl:IHoFocCAWDoSkTl7zjK
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2