31dc086dbd72ef1589281e80bc81b9a1584a6f396a1ae2ad58b7d00cf3b60b32 | Triage

Sharing

General

Target

NEAS.ce43728d2839f4b8f844ea8b429f2090_JC.exe
Size

64KB
Sample

231102-gvwgksab97
MD5

ce43728d2839f4b8f844ea8b429f2090
SHA1

5d00f9b57dce7cba69d989d13b523eb876788351
SHA256

31dc086dbd72ef1589281e80bc81b9a1584a6f396a1ae2ad58b7d00cf3b60b32
SHA512

dafe3d20380a51c53d3a5d8109673946f6fbdfb5216b6f51261e22b93a0fc3d1be5da15bc8173e1fc38021a1dc48b1acf2818219c8495d268ccad39448b4c422
SSDEEP

1536:mkuimj5MK3gDXId4vrZ3manh3x2L+ZrDWBi:zIGKgX5vd9ha+Z2Bi

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.ce43728d2839f4b8f844ea8b429f2090_JC.exe
- Size
  
  64KB
- MD5
  
  ce43728d2839f4b8f844ea8b429f2090
- SHA1
  
  5d00f9b57dce7cba69d989d13b523eb876788351
- SHA256
  
  31dc086dbd72ef1589281e80bc81b9a1584a6f396a1ae2ad58b7d00cf3b60b32
- SHA512
  
  dafe3d20380a51c53d3a5d8109673946f6fbdfb5216b6f51261e22b93a0fc3d1be5da15bc8173e1fc38021a1dc48b1acf2818219c8495d268ccad39448b4c422
- SSDEEP
  
  1536:mkuimj5MK3gDXId4vrZ3manh3x2L+ZrDWBi:zIGKgX5vd9ha+Z2Bi
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2