General

  • Target

    IDA830.rar

  • Size

    386.9MB

  • Sample

    240727-3cam2stgpn

  • MD5

    a759459c5c78fcb00420b2aeca7d408a

  • SHA1

    ed79cda10d56d0517323c7b9fc9337408cf67bba

  • SHA256

    d9fa3220f922c5bc96ab7d2a3959af8af4c490a148a3d1779fb99fa3b4b910cb

  • SHA512

    7717f5d95a1dc49dce8a29a03bb003ca92516c6de84a9339aba9012af43646fd6d496376b173fc75cf349d56acd587fe332a0e768808e629b345faf5544e696e

  • SSDEEP

    6291456:5YynX9PFbTmlM6GjFYmNjReTMskyMxqmMvxQv4H5gWKQOgf4GnvfCQLBZlJ5:5YaX5FbT8GjFYC9aMsUqfZQSvvtCQtj

Targets

    • Target

      IDA830.rar

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking (ATT&CK T1546.015)

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects. The usual form is a per-user registration under HKCU\Software\Classes\CLSID\{CLSID}\InprocServer32 that points a CLSID already registered machine-wide at an attacker-controlled DLL; because the user hive is consulted first, the hijack needs no administrative rights.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system (ATT&CK T1518, Software Discovery)

      Looks up entries under the Uninstall key in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate software installed on the system.
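The following PowerShell is an added example and is not part of the sandbox report or the sample. It looks for the registry shape behind the COM hijacking signature above: a per-user CLSID server (HKCU, 64- and 32-bit views) that shadows a machine-wide registration of the same CLSID with a different path, or that points into a user-writable directory. The directory patterns treated as user-writable are an assumption for illustration and should be tuned to the host's layout.

```powershell
# Added example (not the sandbox's own logic): find per-user COM server registrations that
# shadow HKLM or live in user-writable locations, the pattern behind ATT&CK T1546.015.
function Get-ShadowedComServers {
    [CmdletBinding()]
    param(
        # Parallel arrays: each user root is compared against the machine root at the same index.
        [string[]]$UserRoots = @('HKCU:\Software\Classes\CLSID',
                                 'HKCU:\Software\Classes\WOW6432Node\CLSID'),
        [string[]]$MachineRoots = @('HKLM:\Software\Classes\CLSID',
                                    'HKLM:\Software\Classes\WOW6432Node\CLSID'),
        # Assumed heuristic for attacker-writable payload locations; adjust per environment.
        [string]$UserWritablePattern = '\\Users\\|\\AppData\\|\\Temp\\|\\ProgramData\\'
    )
    $serverKeys = 'InprocServer32', 'LocalServer32'
    for ($i = 0; $i -lt $UserRoots.Count; $i++) {
        $userRoot    = $UserRoots[$i]
        $machineRoot = $MachineRoots[$i]
        if (-not (Test-Path -Path $userRoot)) { continue }

        foreach ($clsidKey in Get-ChildItem -Path $userRoot -ErrorAction SilentlyContinue) {
            $clsid = $clsidKey.PSChildName
            foreach ($serverKey in $serverKeys) {
                $userServer = "$userRoot\$clsid\$serverKey"
                if (-not (Test-Path -Path $userServer)) { continue }
                # The default value of InprocServer32/LocalServer32 is the DLL or EXE path.
                $userPath = (Get-ItemProperty -Path $userServer -ErrorAction SilentlyContinue).'(default)'

                $machineServer = "$machineRoot\$clsid\$serverKey"
                $machinePath = $null
                if (Test-Path -Path $machineServer) {
                    $machinePath = (Get-ItemProperty -Path $machineServer -ErrorAction SilentlyContinue).'(default)'
                }

                # Shadowing: the CLSID exists machine-wide but HKCU redirects it elsewhere.
                $shadows = ($null -ne $machinePath) -and ($machinePath -ne $userPath)
                # User-writable: the server binary sits where an unprivileged user can write.
                $writable = [bool]($userPath -match $UserWritablePattern)
                if ($shadows -or $writable) {
                    [pscustomobject]@{
                        CLSID         = $clsid
                        ServerKey     = $serverKey
                        UserServer    = $userPath
                        MachineServer = $machinePath
                        Reason        = if ($shadows) { 'Shadows HKLM registration' } else { 'User-writable server path' }
                    }
                }
            }
        }
    }
}

# Usage: list suspicious per-user COM servers on the current host.
Get-ShadowedComServers | Format-Table -AutoSize
```

Legitimate per-user COM registrations exist (per-user installs of Office add-ins, for example), so treat hits as leads to triage rather than verdicts: confirm the DLL's signature and publisher, and compare the HKCU path against the HKLM one before concluding a hijack. A sandbox flags the write that creates such a key; this script finds the resulting state on a live host.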
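The following PowerShell is an added example, not code from the sandbox report or from the sample, showing what the "Checks installed software" behaviour reads: the Uninstall key in the 64-bit and 32-bit machine views and in the user hive. It is the same enumeration an inventory script or an installer performs, which is why the signature on its own is low-confidence.

```powershell
# Added example: enumerate installed software from the Uninstall registry keys,
# the lookup that the "Checks installed software on the system" signature reports.
function Get-InstalledSoftwareFromUninstallKeys {
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',              # 64-bit machine view
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',  # 32-bit machine view
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'               # per-user installs
    )
    foreach ($root in $roots) {
        if (-not (Test-Path -Path $root)) { continue }
        Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
            ForEach-Object { Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue } |
            # Entries without a DisplayName are components or leftovers, not user-visible products.
            Where-Object { $_.DisplayName } |
            ForEach-Object {
                [pscustomobject]@{
                    DisplayName     = $_.DisplayName
                    DisplayVersion  = $_.DisplayVersion
                    Publisher       = $_.Publisher
                    InstallLocation = $_.InstallLocation
                    Hive            = $root
                }
            }
    }
}

# Usage: full inventory, then the subset a sample typically fingerprints.
# The name patterns below are an assumed illustration of analysis tooling, not taken from this report.
$inventory = Get-InstalledSoftwareFromUninstallKeys
$inventory | Sort-Object DisplayName | Format-Table DisplayName, DisplayVersion, Publisher -AutoSize
$inventory | Where-Object { $_.DisplayName -match 'VMware|VirtualBox|Wireshark|Sysinternals|IDA' } |
    Format-Table DisplayName, Hive -AutoSize
```

Registry reads are not logged by Sysmon (its registry events cover key creation, deletion, value writes and renames), so this behaviour is mostly visible in sandbox API traces rather than in endpoint telemetry; on a live host the more useful question is which process performed the enumeration and what it did with the result.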

MITRE ATT&CK Enterprise v15

Tasks