49c700e7c9dfa01c6f46cbb4e65df276180f7d34a1b6272de1d796d97f58e8e7 | Triage

Submit
Reports

Overview

overview

5

Static

static

3

tiktok_liv...64.exe

windows10-2004-x64

5

Sharing

General

Target

tiktok_live_studio-v0.62.2-win32-x64.exe
Size

388.0MB
Sample

240801-1d1jra1ejf
MD5

c73d6251b48cc17452b39c0756b95c7b
SHA1

5438b09a2e95322a512e96cac9fb8a78432f54e3
SHA256

49c700e7c9dfa01c6f46cbb4e65df276180f7d34a1b6272de1d796d97f58e8e7
SHA512

d9864fcf96b5865655a116de9b28983ab429dd69d57e193d06651b46a9ccfeb907fc0dea48f91731da07463a2dc86e9a1111a9c0bfd38f272ffd6c9635a7b593
SSDEEP

6291456:uYE1yN6mQGd78K9j+XlpjaFdEPgy/NTgJd9i6gf1VYYYM8kRe7t1297cNr:+s6m7dIqjEEFQgd3MfHYYYMc7t129ANr

Score

5^/10

discovery link pdf persistence privilege_escalation

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

tiktok_live_studio-v0.62.2-win32-x64.exe

Resource

win10v2004-20240730-en

discovery persistence privilege_escalation

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  tiktok_live_studio-v0.62.2-win32-x64.exe
- Size
  
  388.0MB
- MD5
  
  c73d6251b48cc17452b39c0756b95c7b
- SHA1
  
  5438b09a2e95322a512e96cac9fb8a78432f54e3
- SHA256
  
  49c700e7c9dfa01c6f46cbb4e65df276180f7d34a1b6272de1d796d97f58e8e7
- SHA512
  
  d9864fcf96b5865655a116de9b28983ab429dd69d57e193d06651b46a9ccfeb907fc0dea48f91731da07463a2dc86e9a1111a9c0bfd38f272ffd6c9635a7b593
- SSDEEP
  
  6291456:uYE1yN6mQGd78K9j+XlpjaFdEPgy/NTgJd9i6gf1VYYYM8kRe7t1297cNr:+s6m7dIqjEEFQgd3MfHYYYMc7t129ANr
Score

5^/10

discovery persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy