c0cc6178e8f43b997e59ccc0cbb91b54bc9c0b1aae1a226c79b8e67e460e4dcb | Triage

Sharing

General

Target

NEAS.65e783ea8e989c5c4128dd3080f33e10_JC.exe
Size

192KB
Sample

231105-tg3pysad64
MD5

65e783ea8e989c5c4128dd3080f33e10
SHA1

6d9a566e42b9420fbd1663357fbbb7a03c2f1267
SHA256

c0cc6178e8f43b997e59ccc0cbb91b54bc9c0b1aae1a226c79b8e67e460e4dcb
SHA512

6b13e49a607d635dabc86e9cf4975ba68f7e45010a5017078401621a7c7ddd111c94ce883b35eb0cc23fa16d9b68baf60dda8f76ed6a60a5573c009c7283456f
SSDEEP

3072:PDTwV3aMW9D7izhJDUhiVFgzL20WKFcp9jRV5C/8qy4p2Y7YWlt6o:PD8V3aMW9aUwzgzL2V4cpC0L4AY7YWTl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.65e783ea8e989c5c4128dd3080f33e10_JC.exe
- Size
  
  192KB
- MD5
  
  65e783ea8e989c5c4128dd3080f33e10
- SHA1
  
  6d9a566e42b9420fbd1663357fbbb7a03c2f1267
- SHA256
  
  c0cc6178e8f43b997e59ccc0cbb91b54bc9c0b1aae1a226c79b8e67e460e4dcb
- SHA512
  
  6b13e49a607d635dabc86e9cf4975ba68f7e45010a5017078401621a7c7ddd111c94ce883b35eb0cc23fa16d9b68baf60dda8f76ed6a60a5573c009c7283456f
- SSDEEP
  
  3072:PDTwV3aMW9D7izhJDUhiVFgzL20WKFcp9jRV5C/8qy4p2Y7YWlt6o:PD8V3aMW9aUwzgzL2V4cpC0L4AY7YWTl
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2