09f8b93f8bc0e7c17d76f06e6cc41b837614eaf618c3f444be7930dfe9a18cf8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b431b51aafbe46c591ef059396dff440_JC.exe
Size

430KB
Sample

231101-prf7gsab79
MD5

b431b51aafbe46c591ef059396dff440
SHA1

9d88afd3def516ae252750fe190b0a87fc4eb236
SHA256

09f8b93f8bc0e7c17d76f06e6cc41b837614eaf618c3f444be7930dfe9a18cf8
SHA512

fc6ee0572a10b43ffc22dc92510a4a226d0b7270696da8fcdb45739dc36eaaa983712cab4f656d2f6522729de63210996049cd767cda7e2420c18f655bad7c84
SSDEEP

3072:jeVfnSufBlxvf/arV8VAURfE+HAokWmvEie0RFz3yE2ZwVh16Mz7GFD0AlWsnzj:qfnSd8Rs+HLlD0rN2ZwVht740Psz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b431b51aafbe46c591ef059396dff440_JC.exe
- Size
  
  430KB
- MD5
  
  b431b51aafbe46c591ef059396dff440
- SHA1
  
  9d88afd3def516ae252750fe190b0a87fc4eb236
- SHA256
  
  09f8b93f8bc0e7c17d76f06e6cc41b837614eaf618c3f444be7930dfe9a18cf8
- SHA512
  
  fc6ee0572a10b43ffc22dc92510a4a226d0b7270696da8fcdb45739dc36eaaa983712cab4f656d2f6522729de63210996049cd767cda7e2420c18f655bad7c84
- SSDEEP
  
  3072:jeVfnSufBlxvf/arV8VAURfE+HAokWmvEie0RFz3yE2ZwVh16Mz7GFD0AlWsnzj:qfnSd8Rs+HLlD0rN2ZwVht740Psz
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2