e14fbab652008f42222b7fd9bb1044d421ed88b53cfed89040cc4f626b15d544 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

file.html

windows7-x64

8

file.html

windows10-2004-x64

1

Sharing

General

Target

file
Size

312KB
Sample

240629-z9ndmawfrc
MD5

919efebc899c5ee1d3d8e3e89a685942
SHA1

9d73e9e88f953858da96230b1ca00d4bb1548d2e
SHA256

e14fbab652008f42222b7fd9bb1044d421ed88b53cfed89040cc4f626b15d544
SHA512

8b61202f5671ef88b99f96b946dcb2199ceb23f6ae03cf738e279a9fc5541b21478bd6089db198bc3b49199cb26aa486ec473a01e2c0944d1e318ca740d3a6ab
SSDEEP

3072:BiQgAkHnjPIQ6KSEc/JHDPaW+LN7DxRLlzglKUVP0k:XgAkHnjPIQBSE0jPCN7jBUVP0k

Score

8^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

file.html

Resource

win7-20240221-en

discovery persistence privilege_escalation

windows7-x64

20 signatures

1800 seconds

Behavioral task

behavioral2

Sample

file.html

Resource

win10v2004-20240611-en

windows10-2004-x64

8 signatures

1800 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  312KB
- MD5
  
  919efebc899c5ee1d3d8e3e89a685942
- SHA1
  
  9d73e9e88f953858da96230b1ca00d4bb1548d2e
- SHA256
  
  e14fbab652008f42222b7fd9bb1044d421ed88b53cfed89040cc4f626b15d544
- SHA512
  
  8b61202f5671ef88b99f96b946dcb2199ceb23f6ae03cf738e279a9fc5541b21478bd6089db198bc3b49199cb26aa486ec473a01e2c0944d1e318ca740d3a6ab
- SSDEEP
  
  3072:BiQgAkHnjPIQ6KSEc/JHDPaW+LN7DxRLlzglKUVP0k:XgAkHnjPIQBSE0jPCN7jBUVP0k
Score

8^/10

discovery persistence privilege_escalation
- Downloads MZ/PE file
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

© 2018-2025

Terms | Privacy