36ca1c778e85cf4304756ef559efcb3d13a0e37e22150234e7d9a99edb6430b8 | Triage

Sharing

General

Target

36ca1c778e85cf4304756ef559efcb3d13a0e37e22150234e7d9a99edb6430b8
Size

82KB
Sample

240628-y5wnrstgkr
MD5

a33139a5bc4bc2e46dad0e86299aacdb
SHA1

b12871182ffb7e58432b0da2510ab270e4d2e313
SHA256

36ca1c778e85cf4304756ef559efcb3d13a0e37e22150234e7d9a99edb6430b8
SHA512

44f4f80b99b65e51f8eae557f160bdcea3eed4638e4147b1092b5fb38549b6e871e29d5afad72d021c123ed7129e6aba92e68d4aa7be1bd91323bff59d077725
SSDEEP

768:hDHH/9OZdIAylNo8GAEgJzk0xS74/6uRzGvOtDbE9yDGFoyUEAp:hT/9Orgbo8GAEghk0xS7SW9roXp

Score

5^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  36ca1c778e85cf4304756ef559efcb3d13a0e37e22150234e7d9a99edb6430b8
- Size
  
  82KB
- MD5
  
  a33139a5bc4bc2e46dad0e86299aacdb
- SHA1
  
  b12871182ffb7e58432b0da2510ab270e4d2e313
- SHA256
  
  36ca1c778e85cf4304756ef559efcb3d13a0e37e22150234e7d9a99edb6430b8
- SHA512
  
  44f4f80b99b65e51f8eae557f160bdcea3eed4638e4147b1092b5fb38549b6e871e29d5afad72d021c123ed7129e6aba92e68d4aa7be1bd91323bff59d077725
- SSDEEP
  
  768:hDHH/9OZdIAylNo8GAEgJzk0xS74/6uRzGvOtDbE9yDGFoyUEAp:hT/9Orgbo8GAEghk0xS7SW9roXp
Score

5^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation