ee397293a994db70e8c1121a5af2eacbc0df0dd27644166532539cf34cc6763c | Triage

Sharing

General

Target

ee397293a994db70e8c1121a5af2eacbc0df0dd27644166532539cf34cc6763c
Size

44KB
Sample

221119-gw6c6sgc46
MD5

098b15bba62d36281565dcc916d35176
SHA1

5e0383a529ddfd4eba038b0ab1591dffe70de025
SHA256

ee397293a994db70e8c1121a5af2eacbc0df0dd27644166532539cf34cc6763c
SHA512

45c743794c0a8a75a2d0dfa7ee469b7a3ce1eaf80d3041b7edc57a406655308c834bd3aa16cff6cfd59eaa5ea92b190d15ffed7017c124510b4750b4362f98be
SSDEEP

768:3djCxiQiqVmbl8/gj2wJiH6o8pvrBvPGEArXvz:tmImUQZwwaPGRvz

Score

8^/10

discovery exploit persistence

Malware Config

Targets

- Target
  
  ee397293a994db70e8c1121a5af2eacbc0df0dd27644166532539cf34cc6763c
- Size
  
  44KB
- MD5
  
  098b15bba62d36281565dcc916d35176
- SHA1
  
  5e0383a529ddfd4eba038b0ab1591dffe70de025
- SHA256
  
  ee397293a994db70e8c1121a5af2eacbc0df0dd27644166532539cf34cc6763c
- SHA512
  
  45c743794c0a8a75a2d0dfa7ee469b7a3ce1eaf80d3041b7edc57a406655308c834bd3aa16cff6cfd59eaa5ea92b190d15ffed7017c124510b4750b4362f98be
- SSDEEP
  
  768:3djCxiQiqVmbl8/gj2wJiH6o8pvrBvPGEArXvz:tmImUQZwwaPGRvz
Score

8^/10

discovery exploit persistence
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence

behavioral2

discoveryexploitpersistence