3e64d4a786ee6f59c1d815abc9a03b7f57649e4f60495ffa1cf3a76df6a95863 | Triage

Resubmissions

10/07/2024, 19:12

240710-xwkdpsvfkp 7

10/07/2024, 19:09

240710-xt7q8axeje 7

10/07/2024, 19:01

240710-xpfryavcjr 7

Sharing

Copy URL Twitter E-mail

General

Target

Host Process for Windows Tasks.exe
Size

18.1MB
Sample

240710-xwkdpsvfkp
MD5

545a9e4ce994d67296921e91587eb287
SHA1

b336b800dd205d666c900dd610383699b3b8f61a
SHA256

3e64d4a786ee6f59c1d815abc9a03b7f57649e4f60495ffa1cf3a76df6a95863
SHA512

49828a436221647255a197f0af45eaf0336461e6c3ae52ab15bf3387aafe030383ee1dfa210f97343ac712858bca81226041b15a7e3af875bb47e3a079abf112
SSDEEP

393216:BJAcluNmt+1+TtIiF30VnnRW8E5u6/Ft16vL3Mrcjs99pjO:BJANQ+1QtI7nRW8Iu+t1EQrass

Score

7^/10

persistence privilege_escalation pyinstaller

Malware Config

Targets

- Target
  
  Host Process for Windows Tasks.exe
- Size
  
  18.1MB
- MD5
  
  545a9e4ce994d67296921e91587eb287
- SHA1
  
  b336b800dd205d666c900dd610383699b3b8f61a
- SHA256
  
  3e64d4a786ee6f59c1d815abc9a03b7f57649e4f60495ffa1cf3a76df6a95863
- SHA512
  
  49828a436221647255a197f0af45eaf0336461e6c3ae52ab15bf3387aafe030383ee1dfa210f97343ac712858bca81226041b15a7e3af875bb47e3a079abf112
- SSDEEP
  
  393216:BJAcluNmt+1+TtIiF30VnnRW8E5u6/Ft16vL3Mrcjs99pjO:BJANQ+1QtI7nRW8Iu+t1EQrass
Score

7^/10

persistence privilege_escalation
- Drops startup file
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Event Triggered Execution

Netsh Helper DLL

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation