2f09f7c4c3c38765e47c10b1df54221ed214c6cbde2d92372e3e703a2c2ab891 | Triage

Sharing

General

Target

2f09f7c4c3c38765e47c10b1df54221ed214c6cbde2d92372e3e703a2c2ab891
Size

36KB
Sample

221120-r9h5xaha86
MD5

52d948b20a602eca105bda63a289cf31
SHA1

93c7275ef8e8c5587bfa3b008b88155469b050f4
SHA256

2f09f7c4c3c38765e47c10b1df54221ed214c6cbde2d92372e3e703a2c2ab891
SHA512

72a9c9f567d2c3d90212e36493ac44579c2f5ec5cf8022de64a07a21baaf6be20487facb5ffa3ef1576505ccba9759928526bd450d6374fb1839681598f42bc5
SSDEEP

384:/TdS2ttzduKTfwDz8Bef3hC6/KqnijyupEtL9mun7jDrlX1DZIiu9thSpEvZT0hz:/wYtzdu8cz8Uvs2Nit+DrllDKiXTRD

Score

8^/10

discovery exploit persistence

Malware Config

Targets

- Target
  
  2f09f7c4c3c38765e47c10b1df54221ed214c6cbde2d92372e3e703a2c2ab891
- Size
  
  36KB
- MD5
  
  52d948b20a602eca105bda63a289cf31
- SHA1
  
  93c7275ef8e8c5587bfa3b008b88155469b050f4
- SHA256
  
  2f09f7c4c3c38765e47c10b1df54221ed214c6cbde2d92372e3e703a2c2ab891
- SHA512
  
  72a9c9f567d2c3d90212e36493ac44579c2f5ec5cf8022de64a07a21baaf6be20487facb5ffa3ef1576505ccba9759928526bd450d6374fb1839681598f42bc5
- SSDEEP
  
  384:/TdS2ttzduKTfwDz8Bef3hC6/KqnijyupEtL9mun7jDrlX1DZIiu9thSpEvZT0hz:/wYtzdu8cz8Uvs2Nit+DrllDKiXTRD
Score

8^/10

discovery exploit persistence
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence

behavioral2

discoveryexploitpersistence