e771df5dd3fd08f6966ba18001ef181270a3ddd601b87efc52bbfc0619f87e12 | Triage

Submit
Reports

Overview

overview

Static

static

GSecurity.exe

windows10-2004-x64

Sharing

General

Target

GSecurity.exe
Size

4.8MB
Sample

221204-1blyksca4z
MD5

90be758503895c038ea1efa43fed2c4d
SHA1

cc0c9170bfc00a937dc11259ca1571c4c5a38058
SHA256

e771df5dd3fd08f6966ba18001ef181270a3ddd601b87efc52bbfc0619f87e12
SHA512

09acba07c375cc331ec0b35ad0b68e5fae7e24e4ffe881b84181874566c567ff1562dfbcb780f22eaf4cf5e2ed4dea44b1119d62b13fc937638ed652420d7788
SSDEEP

98304:KfHtH/2bjIDzBu9O9pi4b+6MyBGFJtSxwtFhnLQ4tiwBIpU:WHtH/2biu9WpiapQjPh/I6

Score

10^/10

discovery evasion exploit

Static task

static1

Behavioral task

behavioral1

Sample

GSecurity.exe

Resource

win10v2004-20221111-en

discovery evasion exploit

windows10-2004-x64

15 signatures

600 seconds

Malware Config

Targets

- Target
  
  GSecurity.exe
- Size
  
  4.8MB
- MD5
  
  90be758503895c038ea1efa43fed2c4d
- SHA1
  
  cc0c9170bfc00a937dc11259ca1571c4c5a38058
- SHA256
  
  e771df5dd3fd08f6966ba18001ef181270a3ddd601b87efc52bbfc0619f87e12
- SHA512
  
  09acba07c375cc331ec0b35ad0b68e5fae7e24e4ffe881b84181874566c567ff1562dfbcb780f22eaf4cf5e2ed4dea44b1119d62b13fc937638ed652420d7788
- SSDEEP
  
  98304:KfHtH/2bjIDzBu9O9pi4b+6MyBGFJtSxwtFhnLQ4tiwBIpU:WHtH/2biu9WpiapQjPh/I6
Score

10^/10

discovery evasion exploit
- Modifies visibility of file extensions in Explorer
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Stops running service(s)
  evasion
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Impair Defenses

File Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexploit

© 2018-2024

Terms | Privacy