fcc35f1ad3dfbb96e3e141797ffe1351baef13fe803adedbfe8b14f7e4b71aee | Triage

Sharing

General

Target

NEAS.3d542aa95f600e9cbd14ee41514de410_JC.exe
Size

475KB
Sample

231031-3nk8xshf53
MD5

3d542aa95f600e9cbd14ee41514de410
SHA1

87e0e2e3779d63009881bdd9f911b769bcea34b7
SHA256

fcc35f1ad3dfbb96e3e141797ffe1351baef13fe803adedbfe8b14f7e4b71aee
SHA512

7eec060d45bbacd4438fa90794b139da5cfad933b754a9ec6404a2c45a7decad104eeede683a698ba9787ac16f487312b3ade56cf0f505cba5ad9219939d0c6b
SSDEEP

6144:+tKe6YiDdv3m3mgKHI6Fh7Iy2+lsQKw+7OSRxszrBKeMTnFem6/9WwHIkGTTlmzH:+tKe6Zv23YnFhl4/0xp/9YR0YXLQig/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.3d542aa95f600e9cbd14ee41514de410_JC.exe
- Size
  
  475KB
- MD5
  
  3d542aa95f600e9cbd14ee41514de410
- SHA1
  
  87e0e2e3779d63009881bdd9f911b769bcea34b7
- SHA256
  
  fcc35f1ad3dfbb96e3e141797ffe1351baef13fe803adedbfe8b14f7e4b71aee
- SHA512
  
  7eec060d45bbacd4438fa90794b139da5cfad933b754a9ec6404a2c45a7decad104eeede683a698ba9787ac16f487312b3ade56cf0f505cba5ad9219939d0c6b
- SSDEEP
  
  6144:+tKe6YiDdv3m3mgKHI6Fh7Iy2+lsQKw+7OSRxszrBKeMTnFem6/9WwHIkGTTlmzH:+tKe6Zv23YnFhl4/0xp/9YR0YXLQig/
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2