b9a9b6f6cad2cc71eb18f7a4f6da3c9c30caf0833c8b376f1e93f0d9be2400ae | Triage

Sharing

General

Target

NEAS.a1d1236f11c6a62c4faff280bc84ddd0_JC.exe
Size

178KB
Sample

231105-cs8xnshf4w
MD5

a1d1236f11c6a62c4faff280bc84ddd0
SHA1

fc71a8327a91de579ae21ac6442fbb1c8caafbcb
SHA256

b9a9b6f6cad2cc71eb18f7a4f6da3c9c30caf0833c8b376f1e93f0d9be2400ae
SHA512

1687cc9c7aa24040ec71fa1f210e72a015f4c4c043abd1ac4a9e768e90f868a00fa017e813b8d23f80652fd09b2d5af10cf9eab42f221f1a4bd012cf83e1e3ea
SSDEEP

3072:M/047M+14BEHzWqgUfPNrXuSKp18z2Odknu+vmmWBuxBl11cRQycLRbpgjDD2UK:SwhBEHzWpUfPNr+DRD5fWBuxBl11tbpm

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a1d1236f11c6a62c4faff280bc84ddd0_JC.exe
- Size
  
  178KB
- MD5
  
  a1d1236f11c6a62c4faff280bc84ddd0
- SHA1
  
  fc71a8327a91de579ae21ac6442fbb1c8caafbcb
- SHA256
  
  b9a9b6f6cad2cc71eb18f7a4f6da3c9c30caf0833c8b376f1e93f0d9be2400ae
- SHA512
  
  1687cc9c7aa24040ec71fa1f210e72a015f4c4c043abd1ac4a9e768e90f868a00fa017e813b8d23f80652fd09b2d5af10cf9eab42f221f1a4bd012cf83e1e3ea
- SSDEEP
  
  3072:M/047M+14BEHzWqgUfPNrXuSKp18z2Odknu+vmmWBuxBl11cRQycLRbpgjDD2UK:SwhBEHzWpUfPNr+DRD5fWBuxBl11tbpm
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2