1b8a47aaeae6064db06285e9e43e94ab2056e777272a40c01cc8ebb491ae3439 | Triage

Resubmissions

Sharing

General

Target

LibreScore.exe
Size

43.5MB
Sample

240606-hz6c1sbb2v
MD5

7017f55de790d3b97ef7c4c67498287e
SHA1

a8293f3b24083a4cad5bcea20ecd1221c3b7ea7d
SHA256

1b8a47aaeae6064db06285e9e43e94ab2056e777272a40c01cc8ebb491ae3439
SHA512

7600f7cc52cf314d849b4cb0cbfb1ae73e1e500478cd83f48d8d5c6f171d637ba333982689349d3e14428df6cc846db4bfa17c718b5666ecb2ed62bba048e4a2
SSDEEP

786432:EHEsCx3BrScppxpMBpkOGJ5PTMR7agbW/1gqhMpJbGTHMTGeJMjyNQZdJ:YYx1ScYiQI1gqszJMjyI

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  LibreScore.exe
- Size
  
  43.5MB
- MD5
  
  7017f55de790d3b97ef7c4c67498287e
- SHA1
  
  a8293f3b24083a4cad5bcea20ecd1221c3b7ea7d
- SHA256
  
  1b8a47aaeae6064db06285e9e43e94ab2056e777272a40c01cc8ebb491ae3439
- SHA512
  
  7600f7cc52cf314d849b4cb0cbfb1ae73e1e500478cd83f48d8d5c6f171d637ba333982689349d3e14428df6cc846db4bfa17c718b5666ecb2ed62bba048e4a2
- SSDEEP
  
  786432:EHEsCx3BrScppxpMBpkOGJ5PTMR7agbW/1gqhMpJbGTHMTGeJMjyNQZdJ:YYx1ScYiQI1gqszJMjyI
Score

8^/10

execution persistence
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence