aa4fc09d9ec7aeaebdad9476ce520e1a1e0defd5fd8a5886f0f88f8fa6ea542f | Triage

Sharing

General

Target

aa4fc09d9ec7aeaebdad9476ce520e1a1e0defd5fd8a5886f0f88f8fa6ea542f
Size

1.4MB
Sample

221028-29r3xsbdf5
MD5

0e8a8fa96a1418741c15af44cb690750
SHA1

717adca2fba6c964724c54841c6921e50d393138
SHA256

aa4fc09d9ec7aeaebdad9476ce520e1a1e0defd5fd8a5886f0f88f8fa6ea542f
SHA512

ca98f2e96f5b376370b38569cf88d52d1f80283b4113e597aabdcee62d6ab80680c2bf1441fdd735b4feed1c48d59f3af06371a2c494b2a58f65518a9c29d294
SSDEEP

24576:4NmF/mnBoDM5f7F2hQHhToIzdF9s8kwWcMXixJH9GSG+VLUx3GHE074:4YVZo5TchQBvj9tWXaJHkMLhkS4

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  aa4fc09d9ec7aeaebdad9476ce520e1a1e0defd5fd8a5886f0f88f8fa6ea542f
- Size
  
  1.4MB
- MD5
  
  0e8a8fa96a1418741c15af44cb690750
- SHA1
  
  717adca2fba6c964724c54841c6921e50d393138
- SHA256
  
  aa4fc09d9ec7aeaebdad9476ce520e1a1e0defd5fd8a5886f0f88f8fa6ea542f
- SHA512
  
  ca98f2e96f5b376370b38569cf88d52d1f80283b4113e597aabdcee62d6ab80680c2bf1441fdd735b4feed1c48d59f3af06371a2c494b2a58f65518a9c29d294
- SSDEEP
  
  24576:4NmF/mnBoDM5f7F2hQHhToIzdF9s8kwWcMXixJH9GSG+VLUx3GHE074:4YVZo5TchQBvj9tWXaJHkMLhkS4
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexploit