a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8 | Triage

Submit
Reports

Overview

overview

8

Static

static

a781a227ee...e8.exe

windows7-x64

8

a781a227ee...e8.exe

windows10-2004-x64

8

Sharing

General

Target

a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8
Size

17.9MB
Sample

221128-gknnzsef9t
MD5

eaf6e654d37346aa43649c6df3f1d113
SHA1

195ec2ec8c8009b133c07f61dac18c1af0f3d45c
SHA256

a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8
SHA512

c1d3fe6fe61d8b6de99aeaff6dc49ab2e67725de010ddfd62ea4ec6bf3998ec219dc4d450fbd81d5dc869402227a8091d1e99c17c8ac2c1b84597b14a47fbb7b
SSDEEP

393216:x2TIneyqLSQme9mBY1Fx5AeEJdqwqTO4/sq9CEDUV50nypJAK+uZ+K:x2TYjkLmVq53MdMTj/sU3Yf0nFH3

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8.exe

Resource

win7-20220812-en

discovery exploit

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8.exe

Resource

win10v2004-20220812-en

discovery exploit

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8
- Size
  
  17.9MB
- MD5
  
  eaf6e654d37346aa43649c6df3f1d113
- SHA1
  
  195ec2ec8c8009b133c07f61dac18c1af0f3d45c
- SHA256
  
  a781a227eec296276e99e0e1aa6dcc18d36ac6eb9f39b3c32bce992019670fe8
- SHA512
  
  c1d3fe6fe61d8b6de99aeaff6dc49ab2e67725de010ddfd62ea4ec6bf3998ec219dc4d450fbd81d5dc869402227a8091d1e99c17c8ac2c1b84597b14a47fbb7b
- SSDEEP
  
  393216:x2TIneyqLSQme9mBY1Fx5AeEJdqwqTO4/sq9CEDUV50nypJAK+uZ+K:x2TYjkLmVq53MdMTj/sU3Yf0nFH3
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy