0cf4be67281982334e2dd4499c2d083dee426f2deee2b722a1a8258bafab8e95 | Triage

Resubmissions

07-08-2024 08:32

240807-kffz5ayepf 7

Sharing

General

Target

18404625444.zip
Size

1.5MB
Sample

240807-kffz5ayepf
MD5

bacae7e50c2f028a0b054b02a8910dd4
SHA1

970d6f61d91535a5d3dc8bd89d27e4cc951f17dd
SHA256

0cf4be67281982334e2dd4499c2d083dee426f2deee2b722a1a8258bafab8e95
SHA512

1cd2f6695ad6caa44e70e41c8b689b76549a54b287a32ea87730b5e76caafee81aad4498bceeffd4b6dc607040781b9dfd130d50d1717c65f2823e7150b736d4
SSDEEP

24576:CYNqlI9KjPXvQaudP6N16pgN2Mx/GHJuM+SKSofZDm9toFhKjOPY40gUVqR4:nKTvQ/6nJNjxsJt+S+Bl2O50gfa

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9
- Size
  
  1.5MB
- MD5
  
  c73433dd532d445d099385865f62148b
- SHA1
  
  4723c45f297cc8075eac69d2ef94e7e131d3a734
- SHA256
  
  12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9
- SHA512
  
  1211c8b67652664d6f66e248856b95ca557d4fdb4ea90d30df68208055d4c94fea0d158e7e6a965eae5915312dee33f62db882bb173faec5332a17bd2fb59447
- SSDEEP
  
  49152:ZEVAbJqaITViU3qLkr7toP9KT+uv6WC+5uxe1o58:ZEVcqeUaki9oBqt+
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation