8c500af869dce8f01ad80968f5b065280c88740f7e8f9f2817c8a5f7501cffa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c500af869dce8f01ad80968f5b065280c88740f7e8f9f2817c8a5f7501cffa8
Size

538KB
Sample

240620-anxmqsydma
MD5

76dae6a70bcd03b7f81368e0d3f2ae9b
SHA1

da5d57b677d613bbc563fa76b03b46f07d6c01a5
SHA256

8c500af869dce8f01ad80968f5b065280c88740f7e8f9f2817c8a5f7501cffa8
SHA512

158d5bc31b6fc3517c51a56f30c01e994900c0bc904766dbc2a65a430080db1bd49f0c5a5633e6ab9939602915f9dc4e047c39adb556d2c7f93214ae2c53600a
SSDEEP

6144:tdpddzqjXfpbKUTejDYUwzF0EgFUqvKHVugxhY0/iJZuQUnmjYmLnPITkAK0nnjE:tLd6mFArL13fQUnmjYmETFK0nHuocb9

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  8c500af869dce8f01ad80968f5b065280c88740f7e8f9f2817c8a5f7501cffa8
- Size
  
  538KB
- MD5
  
  76dae6a70bcd03b7f81368e0d3f2ae9b
- SHA1
  
  da5d57b677d613bbc563fa76b03b46f07d6c01a5
- SHA256
  
  8c500af869dce8f01ad80968f5b065280c88740f7e8f9f2817c8a5f7501cffa8
- SHA512
  
  158d5bc31b6fc3517c51a56f30c01e994900c0bc904766dbc2a65a430080db1bd49f0c5a5633e6ab9939602915f9dc4e047c39adb556d2c7f93214ae2c53600a
- SSDEEP
  
  6144:tdpddzqjXfpbKUTejDYUwzF0EgFUqvKHVugxhY0/iJZuQUnmjYmLnPITkAK0nnjE:tLd6mFArL13fQUnmjYmETFK0nHuocb9
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation