6210034f798ea4a58df17ef3d0f1afa0ac858fb586a4fec1ce185a28f4c6d830 | Triage

Sharing

General

Target

NEAS.db71bb5d8978631e31e21978f10cb2e0_JC.exe
Size

440KB
Sample

231103-bvv8xsaa5x
MD5

db71bb5d8978631e31e21978f10cb2e0
SHA1

4b2ca2d72910acf2cd05f308499bab3bc387bc44
SHA256

6210034f798ea4a58df17ef3d0f1afa0ac858fb586a4fec1ce185a28f4c6d830
SHA512

4d24af3fbded049d9448a0b946e80cbd4b606c7c91cdc6362dd6d034d251de3ddcfb2303b7898c2dfac05d3dbcfd30dc9ad99dabb75edcda0eacdb0ce75bc27a
SSDEEP

6144:bl0MJR/MwGsmLrr1Zt/MwGsmLrxhnvTNe/MwGsmLrr1Zt/MwGsmLr:b+MrMmm75Mmm7T6Mmm75Mmm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.db71bb5d8978631e31e21978f10cb2e0_JC.exe
- Size
  
  440KB
- MD5
  
  db71bb5d8978631e31e21978f10cb2e0
- SHA1
  
  4b2ca2d72910acf2cd05f308499bab3bc387bc44
- SHA256
  
  6210034f798ea4a58df17ef3d0f1afa0ac858fb586a4fec1ce185a28f4c6d830
- SHA512
  
  4d24af3fbded049d9448a0b946e80cbd4b606c7c91cdc6362dd6d034d251de3ddcfb2303b7898c2dfac05d3dbcfd30dc9ad99dabb75edcda0eacdb0ce75bc27a
- SSDEEP
  
  6144:bl0MJR/MwGsmLrr1Zt/MwGsmLrxhnvTNe/MwGsmLrr1Zt/MwGsmLr:b+MrMmm75Mmm7T6Mmm75Mmm
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2