877d44c06794eeae040dc0650f8eb6c75295c9fae71e2c4595cf9e17e5ce99d0 | Triage

Sharing

General

Target

877d44c06794eeae040dc0650f8eb6c75295c9fae71e2c4595cf9e17e5ce99d0
Size

1.4MB
Sample

221029-qvh1xshcb4
MD5

bb268161fb4f9278eddd54f2eb8086ee
SHA1

b440bd9bdad2ff4138e99d7c8e14b706e7db546e
SHA256

877d44c06794eeae040dc0650f8eb6c75295c9fae71e2c4595cf9e17e5ce99d0
SHA512

39324ad93b6bdadc53a2454f64fab936539d47ee53f6ff6fe448c489c47d696909fb5c5c40b3a948e0e92d3fd878250b7fcf31d564a06eb3a8503ad5c2b88535
SSDEEP

24576:NNmF/mnBoDM5f7F2XQRKZk+61i5cCPWZj+VhyDvsuxxQ/zhmLSiVVloZy4/w:NYVZo5TcXQqk+61i5cYWZjSEUqq/5iV1

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  877d44c06794eeae040dc0650f8eb6c75295c9fae71e2c4595cf9e17e5ce99d0
- Size
  
  1.4MB
- MD5
  
  bb268161fb4f9278eddd54f2eb8086ee
- SHA1
  
  b440bd9bdad2ff4138e99d7c8e14b706e7db546e
- SHA256
  
  877d44c06794eeae040dc0650f8eb6c75295c9fae71e2c4595cf9e17e5ce99d0
- SHA512
  
  39324ad93b6bdadc53a2454f64fab936539d47ee53f6ff6fe448c489c47d696909fb5c5c40b3a948e0e92d3fd878250b7fcf31d564a06eb3a8503ad5c2b88535
- SSDEEP
  
  24576:NNmF/mnBoDM5f7F2XQRKZk+61i5cCPWZj+VhyDvsuxxQ/zhmLSiVVloZy4/w:NYVZo5TcXQqk+61i5cYWZjSEUqq/5iV1
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit