1ea8280f038d90119979c2f64bacfee8af66c34dca9f4861a5bf324b4ea361aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

doc9.bat
Size

3KB
Sample

240105-lwtftsacf4
MD5

12167552f07c5a1aa14c204ecdfc1e17
SHA1

c0487738258ed151754ab6df3dc05418023f0fab
SHA256

1ea8280f038d90119979c2f64bacfee8af66c34dca9f4861a5bf324b4ea361aa
SHA512

92e1b4dd408b8c4e903163714bc3c1106f413729fd226a34b3b5613e8cf0eac40ae37c89f4a1ea6d80110982581e12ce4c3a3123f6b4fce0e1c1c910385711c9

Score

8^/10

discovery exploit persistence

Malware Config

Targets

- Target
  
  doc9.bat
- Size
  
  3KB
- MD5
  
  12167552f07c5a1aa14c204ecdfc1e17
- SHA1
  
  c0487738258ed151754ab6df3dc05418023f0fab
- SHA256
  
  1ea8280f038d90119979c2f64bacfee8af66c34dca9f4861a5bf324b4ea361aa
- SHA512
  
  92e1b4dd408b8c4e903163714bc3c1106f413729fd226a34b3b5613e8cf0eac40ae37c89f4a1ea6d80110982581e12ce4c3a3123f6b4fce0e1c1c910385711c9
Score

8^/10

discovery exploit persistence
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Modifies system executable filetype association
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

File and Directory Permissions Modification

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence