0ea8c6d6982ad0c3127c77053148315598c1e72e8fa6e1ccd305b91f4f600708 | Triage

Sharing

General

Target

NEAS.93decc8bc596c163855d3c8360f6a020_JC.exe
Size

56KB
Sample

231102-thkkrsef31
MD5

93decc8bc596c163855d3c8360f6a020
SHA1

8f8319b783f6563553fec118d519523f90d3aef5
SHA256

0ea8c6d6982ad0c3127c77053148315598c1e72e8fa6e1ccd305b91f4f600708
SHA512

a3c96c627047c4fbdb33a0fda3ea5e08d1fa6d8f6d13a82cad736084b3c0c4bb2e6a0e0f7ed16ca7d51928618927d35ff2e30bf982d91e2739dae289d228095a
SSDEEP

768:0PCpnaogRxsmRNepxJnb5trT6miBrvvWlFqffO2NVP5ZgfIRH73rrrrrrrrrrrrt:VAogRmHvJbn6hB70FqfGGV4uLiIwJJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.93decc8bc596c163855d3c8360f6a020_JC.exe
- Size
  
  56KB
- MD5
  
  93decc8bc596c163855d3c8360f6a020
- SHA1
  
  8f8319b783f6563553fec118d519523f90d3aef5
- SHA256
  
  0ea8c6d6982ad0c3127c77053148315598c1e72e8fa6e1ccd305b91f4f600708
- SHA512
  
  a3c96c627047c4fbdb33a0fda3ea5e08d1fa6d8f6d13a82cad736084b3c0c4bb2e6a0e0f7ed16ca7d51928618927d35ff2e30bf982d91e2739dae289d228095a
- SSDEEP
  
  768:0PCpnaogRxsmRNepxJnb5trT6miBrvvWlFqffO2NVP5ZgfIRH73rrrrrrrrrrrrt:VAogRmHvJbn6hB70FqfGGV4uLiIwJJ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2