1dd8399ec4ab93750c89e6f822e3cb43bd5e32749f7b92364d6a686089008f34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.188892b799ea83abefdd3abbd10d0100_JC.exe
Size

189KB
Sample

231105-w19zgsbh98
MD5

188892b799ea83abefdd3abbd10d0100
SHA1

3b6a7b4a5d5e507c5ce553d3a8d96174152774f5
SHA256

1dd8399ec4ab93750c89e6f822e3cb43bd5e32749f7b92364d6a686089008f34
SHA512

2cf4931406504461c526703cd7a0a1d20eb128015aabc6239f3fc2df1147f28fd32c2137308f1b3bd1a8b1159315e94bdd266f044b5990c19f9cac44010fcde2
SSDEEP

3072:gwnvjgmOlcIcka0lktlDjSTrcsNHGlt0qzbgCNYydJATCBKaypGQJ:lnvjomP/kk7+X+SSuydvKb3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.188892b799ea83abefdd3abbd10d0100_JC.exe
- Size
  
  189KB
- MD5
  
  188892b799ea83abefdd3abbd10d0100
- SHA1
  
  3b6a7b4a5d5e507c5ce553d3a8d96174152774f5
- SHA256
  
  1dd8399ec4ab93750c89e6f822e3cb43bd5e32749f7b92364d6a686089008f34
- SHA512
  
  2cf4931406504461c526703cd7a0a1d20eb128015aabc6239f3fc2df1147f28fd32c2137308f1b3bd1a8b1159315e94bdd266f044b5990c19f9cac44010fcde2
- SSDEEP
  
  3072:gwnvjgmOlcIcka0lktlDjSTrcsNHGlt0qzbgCNYydJATCBKaypGQJ:lnvjomP/kk7+X+SSuydvKb3
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2