Overview

overview

8

Static

static

1

Cortana-2-Ana-09.cmd

windows7-x64

8

Cortana-2-Ana-09.cmd

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cortana-2-Ana-09.cmd

  • Size

    18KB

  • Sample

    230324-3q9z3acb8t

  • MD5

    54e1a3a403a49c48b4c48e1751956ff8

  • SHA1

    00e21653559df4848d5ac2f2e44ef8a63eae9c2e

  • SHA256

    7ba583dbe374ad0e4f57667aa407d9626a678e4e394af498ba21d3e6c4a1cc7a

  • SHA512

    fdd5b16c261c7fd59c726fd7adc18a393f362ed0b676034c42ca4ca72793291b26348fdc2244ae12adddac8b78958db3893104639efa81f132f0485844a1e911

  • SSDEEP

    384:CGOHznpRsShAdhAdwzhcGq6XfjHlLQT2HiU4nR:CGOH1RsSKKaq6vLlLQTcJ4R

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      Cortana-2-Ana-09.cmd

    • Size

      18KB

    • MD5

      54e1a3a403a49c48b4c48e1751956ff8

    • SHA1

      00e21653559df4848d5ac2f2e44ef8a63eae9c2e

    • SHA256

      7ba583dbe374ad0e4f57667aa407d9626a678e4e394af498ba21d3e6c4a1cc7a

    • SHA512

      fdd5b16c261c7fd59c726fd7adc18a393f362ed0b676034c42ca4ca72793291b26348fdc2244ae12adddac8b78958db3893104639efa81f132f0485844a1e911

    • SSDEEP

      384:CGOHznpRsShAdhAdwzhcGq6XfjHlLQT2HiU4nR:CGOH1RsSKKaq6vLlLQTcJ4R

    Score
    8/10
    discoveryexploit

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks