f5b1109e1bdb91f64227ec7eb279cdc83f5843b70570876cf26ecbb0fff13fb8 | Triage

Sharing

General

Target

NEAS.c8a96de6e4d9c162e4ae4ed438bf608a_JC.exe
Size

880KB
Sample

231102-v6gdpafb25
MD5

c8a96de6e4d9c162e4ae4ed438bf608a
SHA1

cfaa683908c7791dafce4f2bea26fbed9f1b2c6d
SHA256

f5b1109e1bdb91f64227ec7eb279cdc83f5843b70570876cf26ecbb0fff13fb8
SHA512

60188820330d77333112c8274dca5dbfacf66a0374bc1e28de0426793be7beeb99a8cf9ed5787892e0e37cd64f2e516ed6f4d9b1a8d3bbf881cf8e2ccbc8a615
SSDEEP

6144:xHWLhakzXEah7YuwARQ8eV5XEah7YuNmWfHLFZGXEah7YuwARQ8eV5XEah7YuGUt:QhpS8qvoS8/UOpIiS8qvoS8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c8a96de6e4d9c162e4ae4ed438bf608a_JC.exe
- Size
  
  880KB
- MD5
  
  c8a96de6e4d9c162e4ae4ed438bf608a
- SHA1
  
  cfaa683908c7791dafce4f2bea26fbed9f1b2c6d
- SHA256
  
  f5b1109e1bdb91f64227ec7eb279cdc83f5843b70570876cf26ecbb0fff13fb8
- SHA512
  
  60188820330d77333112c8274dca5dbfacf66a0374bc1e28de0426793be7beeb99a8cf9ed5787892e0e37cd64f2e516ed6f4d9b1a8d3bbf881cf8e2ccbc8a615
- SSDEEP
  
  6144:xHWLhakzXEah7YuwARQ8eV5XEah7YuNmWfHLFZGXEah7YuwARQ8eV5XEah7YuGUt:QhpS8qvoS8/UOpIiS8qvoS8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2