31ac992ed6018bbfbd473533f8240893bb0cd96c27fe0d504efe2ed557caeaa2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31ac992ed6018bbfbd473533f8240893bb0cd96c27fe0d504efe2ed557caeaa2
Size

182KB
Sample

240816-zpv8qszepq
MD5

5f357863a24f589f962dba178edd7252
SHA1

aef5bb364b673c6be838179e10fc3a40a03771f8
SHA256

31ac992ed6018bbfbd473533f8240893bb0cd96c27fe0d504efe2ed557caeaa2
SHA512

4befef90b071945f9a3185a6ac0bdee14207f941237a97ff08f2dd00bed735da1269f82a924c5684745bd046dae1518e0e15db3f4f6dc0947c4c65c8b53bfeb3
SSDEEP

3072:h6tchyinW3kgIhxGYzwK9YF8xjnw89JnszQcJdXO9o:ein4kXxxzwQYF8xF52dXr

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  31ac992ed6018bbfbd473533f8240893bb0cd96c27fe0d504efe2ed557caeaa2
- Size
  
  182KB
- MD5
  
  5f357863a24f589f962dba178edd7252
- SHA1
  
  aef5bb364b673c6be838179e10fc3a40a03771f8
- SHA256
  
  31ac992ed6018bbfbd473533f8240893bb0cd96c27fe0d504efe2ed557caeaa2
- SHA512
  
  4befef90b071945f9a3185a6ac0bdee14207f941237a97ff08f2dd00bed735da1269f82a924c5684745bd046dae1518e0e15db3f4f6dc0947c4c65c8b53bfeb3
- SSDEEP
  
  3072:h6tchyinW3kgIhxGYzwK9YF8xjnw89JnszQcJdXO9o:ein4kXxxzwQYF8xF52dXr
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation