56b0da044a6973dede2a037dba7b81c44cb04faaca9df1d47a71c101b7754131 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a6405846f2e0c03e0457fb34d3c368f0_JC.exe
Size

324KB
Sample

231101-ngqshafe5t
MD5

a6405846f2e0c03e0457fb34d3c368f0
SHA1

ad66d03fb2dc6e15526cdc4e30682d1d5c9997b8
SHA256

56b0da044a6973dede2a037dba7b81c44cb04faaca9df1d47a71c101b7754131
SHA512

5851c9a53c210f5c6b7654026d89498d8da2760b87a5b20bb8e53dba412dd6d5fb6da4b4fbdcb42c8e4bd8f36ed2a982e821791c5f5def4a0fca2b5b50ef7a75
SSDEEP

6144:FOu0irnzd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:FL0Wnp5IFy5BcVPINRFYpfZvTmAWqeM2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a6405846f2e0c03e0457fb34d3c368f0_JC.exe
- Size
  
  324KB
- MD5
  
  a6405846f2e0c03e0457fb34d3c368f0
- SHA1
  
  ad66d03fb2dc6e15526cdc4e30682d1d5c9997b8
- SHA256
  
  56b0da044a6973dede2a037dba7b81c44cb04faaca9df1d47a71c101b7754131
- SHA512
  
  5851c9a53c210f5c6b7654026d89498d8da2760b87a5b20bb8e53dba412dd6d5fb6da4b4fbdcb42c8e4bd8f36ed2a982e821791c5f5def4a0fca2b5b50ef7a75
- SSDEEP
  
  6144:FOu0irnzd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:FL0Wnp5IFy5BcVPINRFYpfZvTmAWqeM2
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2