17a1fb58413f83fc93fca683a4eb78d74bffd2cc02d5d25cf23018c8fe219afd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c29a3d8518291239fdcaa1e092d1300N.exe
Size

162KB
Sample

240706-r74ntstfpb
MD5

0c29a3d8518291239fdcaa1e092d1300
SHA1

c7d2283eaf07e08cc98e62aa834317765a44bb98
SHA256

17a1fb58413f83fc93fca683a4eb78d74bffd2cc02d5d25cf23018c8fe219afd
SHA512

166214f0680a93a4a206e0ac388f519b844e8e5335906b5e2296c4a5ff4e3221f60d6c9556f6da99268413824cd8c0a135290009e9c54b646ff748f3a5d257e4
SSDEEP

3072:51oVtum4WHvjVGr8kgB9s8p+uRcKVHM0lma3UroAew5ak23n2MgN8DljR:5mtmCjkU9Wu6uFYwsegak22TQll

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  0c29a3d8518291239fdcaa1e092d1300N.exe
- Size
  
  162KB
- MD5
  
  0c29a3d8518291239fdcaa1e092d1300
- SHA1
  
  c7d2283eaf07e08cc98e62aa834317765a44bb98
- SHA256
  
  17a1fb58413f83fc93fca683a4eb78d74bffd2cc02d5d25cf23018c8fe219afd
- SHA512
  
  166214f0680a93a4a206e0ac388f519b844e8e5335906b5e2296c4a5ff4e3221f60d6c9556f6da99268413824cd8c0a135290009e9c54b646ff748f3a5d257e4
- SSDEEP
  
  3072:51oVtum4WHvjVGr8kgB9s8p+uRcKVHM0lma3UroAew5ak23n2MgN8DljR:5mtmCjkU9Wu6uFYwsegak22TQll
Score

8^/10

persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation