d5bbb1970fb8384d0430ad86b0f5e18f47320433cce2d819f79723056bad2c5e | Triage

Sharing

General

Target

Clip Studio Paint EX v1.12.1 Win64.rar
Size

373.7MB
Sample

240706-wlrvcszgkd
MD5

c505972907aaf397fb928f851373326b
SHA1

363489bf8b95f54162ab3820ff5bbdc94b488ba5
SHA256

d5bbb1970fb8384d0430ad86b0f5e18f47320433cce2d819f79723056bad2c5e
SHA512

abf90f0d65f56942f2f53b0a8a264325bb04e9d25df41636f5ca503cf3b1753de5692a3fed945e09fc1646f022bacfd87ff8910ca7bd7ef491c0a826dbee1268
SSDEEP

6291456:vwxwvWpD/1CKGzA+aqp/EER2hAVsLx2z4078fVwkmQS1vncucJt5A9dCZtZt22xh:vWfZEvTRV4r6ZcucPG9dCTZRabdK

Score

5^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  Clip Studio Paint EX v1.12.1 Win64/CSP_11211w_setup.exe
- Size
  
  353.0MB
- MD5
  
  67a6294090c9411613453013d8f04dbb
- SHA1
  
  758af5ca25d4016d566f4441abd2bb1dffb1814d
- SHA256
  
  f60aca21e24cfbe92477334a1b7275cb2afae082182f0d66e6db340de82bfab0
- SHA512
  
  6a47d84dc642b845aa21d544d0210205469976c5c5aa737a31497af1be0b15d81c1705f87cf55000e4a6c42f36af5c093630215127c2e5462aef6364a60cd888
- SSDEEP
  
  6291456:pN+oCvPa02dqtbAT62TyYySPCQpHV5UzlT9W3RQ8XFOUsiawC/CJGr6MGlh2u+3P:OoCviBgby62TRrbHVmF9W3ZXF0F/Ck15
Score

5^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2
- Target
  
  Clip Studio Paint EX v1.12.1 Win64/Patch/Multilanguage/CLIPStudioPaint.exe
- Size
  
  31.8MB
- MD5
  
  390c1a5e843bc9eb73a20a44a37a41d1
- SHA1
  
  8b881361c5088632f6fb5107b05303eccb179184
- SHA256
  
  5c644ba9cda8726530f83d03b87c4c2d339e6172fd6bf867acc1cf7e3ef2bbb4
- SHA512
  
  281941bcabd1fc6edcb14aeff274cc6b35f4738f4de8ccaebede36328b7007d43093554e6ffd7639e38d698687235682514b8cca64f891089b2211feb3177496
- SSDEEP
  
  393216:paMcLUlvESZeMnT3ujx/MB4ZZ0/zVghTKTz7P+aBYw5A0r0GLlmCvAMPWw6Y0GJd:paMMUJvccm/TShj3mR0dh6dF7GxE4Zo
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

behavioral3

behavioral4