3ac089bcf6392437c03aca380de9d6faee049448d3e49edcf72e5ba6024958ea | Triage

Sharing

General

Target

3ac089bcf6392437c03aca380de9d6faee049448d3e49edcf72e5ba6024958ea
Size

1.8MB
Sample

220823-158dnscbhp
MD5

707de025f2ab727fbb3b33f4ff8b97b3
SHA1

51a571a425a36cbbc3103d5e9991d080ccd4abc6
SHA256

3ac089bcf6392437c03aca380de9d6faee049448d3e49edcf72e5ba6024958ea
SHA512

256104c78b6f4a7ae7698a5dfa208526583124aec0be194b267e7ab83ed29b0fd893cd3fb829d1d11ef5abcb94192bdf2993780c5a6b8caebe6fb40d1fadf91c
SSDEEP

49152:Y1uZMQTHvWorKzx/L9GJENaYcBLxH030Du:Y1ueoH6xYJEHcU3Z

Score

10^/10

discovery evasion exploit

Malware Config

Targets

- Target
  
  3ac089bcf6392437c03aca380de9d6faee049448d3e49edcf72e5ba6024958ea
- Size
  
  1.8MB
- MD5
  
  707de025f2ab727fbb3b33f4ff8b97b3
- SHA1
  
  51a571a425a36cbbc3103d5e9991d080ccd4abc6
- SHA256
  
  3ac089bcf6392437c03aca380de9d6faee049448d3e49edcf72e5ba6024958ea
- SHA512
  
  256104c78b6f4a7ae7698a5dfa208526583124aec0be194b267e7ab83ed29b0fd893cd3fb829d1d11ef5abcb94192bdf2993780c5a6b8caebe6fb40d1fadf91c
- SSDEEP
  
  49152:Y1uZMQTHvWorKzx/L9GJENaYcBLxH030Du:Y1ueoH6xYJEHcU3Z
Score

10^/10

discovery evasion exploit
- Modifies security service
  evasion
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Stops running service(s)
  evasion
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Impair Defenses

File Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexploit

behavioral2

discoveryevasionexploit