0c5924fa33f3005938cf82c64cf548a6a96216c512b7377d13c72d81ecb18969 | Triage

Resubmissions

28-06-2024 12:52

240628-p32mkatblq 8

28-06-2024 12:50

240628-p3b2xazglf 8

Sharing

General

Target

test.bat
Size

3KB
Sample

240628-p3b2xazglf
MD5

252dfe9f4be7028477c9e5f9c847ce3c
SHA1

62e44423243d9f0c5b51ed889236993880064cd1
SHA256

0c5924fa33f3005938cf82c64cf548a6a96216c512b7377d13c72d81ecb18969
SHA512

1a36e5896cc028acfdfccfb8d57c3c2fb8ea9440a45f0625cc9a001920174c789d78ce36ac30decb05dd50151a5a9bec7fa420717a39f7aff5a531c282f0c304

Score

8^/10

evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  test.bat
- Size
  
  3KB
- MD5
  
  252dfe9f4be7028477c9e5f9c847ce3c
- SHA1
  
  62e44423243d9f0c5b51ed889236993880064cd1
- SHA256
  
  0c5924fa33f3005938cf82c64cf548a6a96216c512b7377d13c72d81ecb18969
- SHA512
  
  1a36e5896cc028acfdfccfb8d57c3c2fb8ea9440a45f0625cc9a001920174c789d78ce36ac30decb05dd50151a5a9bec7fa420717a39f7aff5a531c282f0c304
Score

8^/10

evasion persistence privilege_escalation
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceprivilege_escalation