Overview

overview

8

Static

static

1

Epson Styl...00.rar

windows11-21h2-x64

8

Resubmissions

07/08/2024, 08:30

240807-keafysyena 8

07/08/2024, 08:28

240807-kdghwayelc 3

Sharing

Copy URL Twitter E-mail

General

  • Target

    Epson Stylus CX7300.rar

  • Size

    590KB

  • Sample

    240807-keafysyena

  • MD5

    c946605f8e5be948cf65973eefc81171

  • SHA1

    28ce778b1e4391ef26dc156960f46c3e39b703c4

  • SHA256

    69ff1b78ee85f0d76c571067a5c3732d880af586efb3c0b6d86b46ac70c37521

  • SHA512

    2bd075f226ed870a6179b75500de84f20db7ee7018999bd8ac391f81884ad0e7ce1f7987a7d7bd042eb65ade87f9087961f782062d763c333c7d019d52a1958f

  • SSDEEP

    12288:L/6BmFBlIxwWdkm7DzlwgxBa+su+wXYLZF06eUwQjAV01aVa9Q4QNavRDMLj:OBmFBexwpeDzlwGBa+hX0ZF3AQjAV010

Score
8/10
defense_evasiondiscoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      Epson Stylus CX7300.rar

    • Size

      590KB

    • MD5

      c946605f8e5be948cf65973eefc81171

    • SHA1

      28ce778b1e4391ef26dc156960f46c3e39b703c4

    • SHA256

      69ff1b78ee85f0d76c571067a5c3732d880af586efb3c0b6d86b46ac70c37521

    • SHA512

      2bd075f226ed870a6179b75500de84f20db7ee7018999bd8ac391f81884ad0e7ce1f7987a7d7bd042eb65ade87f9087961f782062d763c333c7d019d52a1958f

    • SSDEEP

      12288:L/6BmFBlIxwWdkm7DzlwgxBa+su+wXYLZF06eUwQjAV01aVa9Q4QNavRDMLj:OBmFBexwpeDzlwGBa+hX0ZF3AQjAV010

    Score
    8/10
    defense_evasiondiscoverypersistenceprivilege_escalation

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks