edbb0337ed97f309cff42a85b7518a2ed4c550ce9a10e6b3b2b05db4780aff42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f0a145a4642ccc3aeee7b9020df1a240_JC.exe
Size

472KB
Sample

231102-nq735sbb2y
MD5

f0a145a4642ccc3aeee7b9020df1a240
SHA1

964ef862b08cf20889e00554f72aa805bb538181
SHA256

edbb0337ed97f309cff42a85b7518a2ed4c550ce9a10e6b3b2b05db4780aff42
SHA512

052245a3e810277ed8026ad321865e090ffc0fe59030b4b7f52fabe8b299a7a8299808822593b05db49f893483c54610ac4b1c5d7708e9fcc3b331ae6881a79a
SSDEEP

12288:ZT9+40ByvNv54B9f01ZmHByvNv51lZlP5Po53rC1kWNH1yfMN1xCTr3huvca1khy:ZT9+4Lvr4B9f01ZmQvr1vN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.f0a145a4642ccc3aeee7b9020df1a240_JC.exe
- Size
  
  472KB
- MD5
  
  f0a145a4642ccc3aeee7b9020df1a240
- SHA1
  
  964ef862b08cf20889e00554f72aa805bb538181
- SHA256
  
  edbb0337ed97f309cff42a85b7518a2ed4c550ce9a10e6b3b2b05db4780aff42
- SHA512
  
  052245a3e810277ed8026ad321865e090ffc0fe59030b4b7f52fabe8b299a7a8299808822593b05db49f893483c54610ac4b1c5d7708e9fcc3b331ae6881a79a
- SSDEEP
  
  12288:ZT9+40ByvNv54B9f01ZmHByvNv51lZlP5Po53rC1kWNH1yfMN1xCTr3huvca1khy:ZT9+4Lvr4B9f01ZmQvr1vN
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2