d81896305cdcf7dab9402e359d4f83af1c430bbd1b1efe18e778c285e257b324 | Triage

Sharing

General

Target

24d46246bc05c4e3b67643cae1d13bb0N.exe
Size

681KB
Sample

240709-dny3cawanc
MD5

24d46246bc05c4e3b67643cae1d13bb0
SHA1

ce522ad00bd8748d2936bb21a66e53f8fb137f13
SHA256

d81896305cdcf7dab9402e359d4f83af1c430bbd1b1efe18e778c285e257b324
SHA512

c81c9bd421e2b84d277ff999d632febe5de2f3a2190c040b4f3475edd46c127162e0051681841e72b8a260209304b1eac52f6dfb12c6f1e6fcc13925071677f8
SSDEEP

6144:DvRVevCGg+9++Pxn7wvKouwMoHbBanrB1Ze8zEr5ZULTJJB+LT0WuM4fnf4A2t1c:DvLeX347QZ7/2t1Lq1Lu0

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  24d46246bc05c4e3b67643cae1d13bb0N.exe
- Size
  
  681KB
- MD5
  
  24d46246bc05c4e3b67643cae1d13bb0
- SHA1
  
  ce522ad00bd8748d2936bb21a66e53f8fb137f13
- SHA256
  
  d81896305cdcf7dab9402e359d4f83af1c430bbd1b1efe18e778c285e257b324
- SHA512
  
  c81c9bd421e2b84d277ff999d632febe5de2f3a2190c040b4f3475edd46c127162e0051681841e72b8a260209304b1eac52f6dfb12c6f1e6fcc13925071677f8
- SSDEEP
  
  6144:DvRVevCGg+9++Pxn7wvKouwMoHbBanrB1Ze8zEr5ZULTJJB+LT0WuM4fnf4A2t1c:DvLeX347QZ7/2t1Lq1Lu0
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation