0ea8e2e648a6a4d1df10efc933866ab260f2d646ea16a758bb6b734d275f5f2d | Triage

Sharing

General

Target

0ea8e2e648a6a4d1df10efc933866ab260f2d646ea16a758bb6b734d275f5f2d
Size

1.4MB
Sample

221120-f7fffscg31
MD5

344e0bd90f6dab2a3235ee8ee7c89d50
SHA1

73ede8ce0a525d3fa3b92db5e3b0a3853c877a7c
SHA256

0ea8e2e648a6a4d1df10efc933866ab260f2d646ea16a758bb6b734d275f5f2d
SHA512

69df776059055dd2db708820f2ce613063e05b8901d771e6661de17f7c99b8603a063dca6532929ab34aed86bf477aca75e35e57ece3243683e2a65263fc760e
SSDEEP

24576:6NmF/mnBoDM5f7F2hQHhToIzdF9s8kwWcMXixJH9GSG+VLUx3GHE07N:6YVZo5TchQBvj9tWXaJHkMLhkSN

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  0ea8e2e648a6a4d1df10efc933866ab260f2d646ea16a758bb6b734d275f5f2d
- Size
  
  1.4MB
- MD5
  
  344e0bd90f6dab2a3235ee8ee7c89d50
- SHA1
  
  73ede8ce0a525d3fa3b92db5e3b0a3853c877a7c
- SHA256
  
  0ea8e2e648a6a4d1df10efc933866ab260f2d646ea16a758bb6b734d275f5f2d
- SHA512
  
  69df776059055dd2db708820f2ce613063e05b8901d771e6661de17f7c99b8603a063dca6532929ab34aed86bf477aca75e35e57ece3243683e2a65263fc760e
- SSDEEP
  
  24576:6NmF/mnBoDM5f7F2hQHhToIzdF9s8kwWcMXixJH9GSG+VLUx3GHE07N:6YVZo5TchQBvj9tWXaJHkMLhkSN
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit