d7314ef013e8b31545e7e726328281f813b0e8e291f2e1329af888b2b74187dc | Triage

Sharing

General

Target

Patch22.rar
Size

131KB
Sample

230115-ndvx2shh41
MD5

830a22baec71951dbeb43e530b49aff0
SHA1

9f45dad07e389f71751ada7123088d2aa280c258
SHA256

d7314ef013e8b31545e7e726328281f813b0e8e291f2e1329af888b2b74187dc
SHA512

4ac8db0424133ba2e4b5608393f90b25abf6190e27d462eef4a296c799e1c38dd6005e853b7200521bf42b829625c05d767d5c0f78179b2c46e8279604c0819f
SSDEEP

3072:9JyOxXeC1EHdVx/4TkWJ+zMX6JQSfBpALz+W6VZ:9JbxSHp4XJYnBBSJ2

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  0 - Piriform-BlockerKeyVerificator_RunAsAdministrator.cmd
- Size
  
  4KB
- MD5
  
  6ba5c46261ff52e7438f21ccef5f8c7e
- SHA1
  
  acdf309fbfebecb7a93b78068fc1498fae4d9e62
- SHA256
  
  f7d87d0a3977d9ed4ed6eaa2da2fe2aea9564f58cf062f828dec0aa21d9ec11e
- SHA512
  
  106b05fbeca31c78e5e5f33cbd62580aac1b4ef781a78ac2cbe80f92eb01f75beeaa480772dcf2f9f2bbea178e681aff2247dd3d08387b35ca507b90b4a5cc43
- SSDEEP
  
  96:zGXTD6E4YsQlPtYyjZW0vQH5aROc37gC9r2of6:zeDn4YsQlPtYyjZW0vQH5aROc37gC9rA
Score

8^/10

discovery exploit
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  CCleaner_Patch22.exe
- Size
  
  129KB
- MD5
  
  f3f183ba8a3c43dfcbef0396ad5d917b
- SHA1
  
  8a6edcfa27a7f29cab0d6e2f0595eec2c8b2c123
- SHA256
  
  849d56ebcfdc2cb97c4a7ab9c961c3b7b80700d43963b7db2b6934609de6104d
- SHA512
  
  2b997fa759e206ac1576615e048f0f11665c2ae57abe55e780022796c02214aaf66fbe6d7ea37152908f833ab8c6ddbdf9a53fa96910f499aa9850e6e3170c77
- SSDEEP
  
  3072:uNDCOSp3CvdHOcJn+UAQBRnLEH+JkMZOuYfc0WN:kSpwlrJiARO+jOVfl
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Permissions Modification

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

behavioral3

behavioral4