7a023e2fad2a78cfd927b21153aa690781f30f0c58dc75e52c7d7fae6446fd13 | Triage

Sharing

General

Target

7a023e2fad2a78cfd927b21153aa690781f30f0c58dc75e52c7d7fae6446fd13
Size

101KB
Sample

230129-wkxdfshf4v
MD5

d4ae0cb9493e07bbde77bb341f9943f0
SHA1

2dffdcc424f4e734a2f784c7e46584738a2616f8
SHA256

7a023e2fad2a78cfd927b21153aa690781f30f0c58dc75e52c7d7fae6446fd13
SHA512

5a42861c454c05da833df776f58388fe3cb53ee7086e8048a8ce4c02aded988a32672dd128a0d1099da464105762367b8385401abf240b5e4c6787874389d078
SSDEEP

3072:XsU+S7o2ET2Xm5h0yXkyohodNfgxEHsvAEnYc+jlp:cU+SM2ETIG0yXk6Ux6svjv

Score

8^/10

discovery exploit persistence

Malware Config

Targets

- Target
  
  7a023e2fad2a78cfd927b21153aa690781f30f0c58dc75e52c7d7fae6446fd13
- Size
  
  101KB
- MD5
  
  d4ae0cb9493e07bbde77bb341f9943f0
- SHA1
  
  2dffdcc424f4e734a2f784c7e46584738a2616f8
- SHA256
  
  7a023e2fad2a78cfd927b21153aa690781f30f0c58dc75e52c7d7fae6446fd13
- SHA512
  
  5a42861c454c05da833df776f58388fe3cb53ee7086e8048a8ce4c02aded988a32672dd128a0d1099da464105762367b8385401abf240b5e4c6787874389d078
- SSDEEP
  
  3072:XsU+S7o2ET2Xm5h0yXkyohodNfgxEHsvAEnYc+jlp:cU+SM2ETIG0yXk6Ux6svjv
Score

8^/10

discovery exploit persistence
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Sets service image path in registry
  persistence
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

File Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence

behavioral2

discoveryexploitpersistence