c462534d4b334e0139a89b83c136511f588bc68927960a591d46830cd3595410 | Triage

Sharing

General

Target

c462534d4b334e0139a89b83c136511f588bc68927960a591d46830cd3595410
Size

1.8MB
Sample

220816-16cndsehan
MD5

65acc80d6d495676b55e36561ec35180
SHA1

e66d8f92b5bc2bc7f3c1a466defc29b5a8b9d55f
SHA256

c462534d4b334e0139a89b83c136511f588bc68927960a591d46830cd3595410
SHA512

7b3810cf8102d9494256f450b6e4bc974e0ef0bf779594f1bbf335221979bda389bdaa9751f25c02a85cda02e13b181f57ab441fd82ce4ddb346f07f3b8bccc8
SSDEEP

49152:JHKa3m4W+cUDCcSwAw0ZN0QFou1nNh2gI:JHKa3mTizK8qnNh

Score

10^/10

discovery evasion exploit

Malware Config

Targets

- Target
  
  c462534d4b334e0139a89b83c136511f588bc68927960a591d46830cd3595410
- Size
  
  1.8MB
- MD5
  
  65acc80d6d495676b55e36561ec35180
- SHA1
  
  e66d8f92b5bc2bc7f3c1a466defc29b5a8b9d55f
- SHA256
  
  c462534d4b334e0139a89b83c136511f588bc68927960a591d46830cd3595410
- SHA512
  
  7b3810cf8102d9494256f450b6e4bc974e0ef0bf779594f1bbf335221979bda389bdaa9751f25c02a85cda02e13b181f57ab441fd82ce4ddb346f07f3b8bccc8
- SSDEEP
  
  49152:JHKa3m4W+cUDCcSwAw0ZN0QFou1nNh2gI:JHKa3mTizK8qnNh
Score

10^/10

discovery evasion exploit
- Modifies security service
  evasion
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Stops running service(s)
  evasion
- Loads dropped DLL
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexploit

behavioral2

discoveryevasionexploit