90fc693b53a35e86d2c87d23966d896febb712b4a543114d9974ec9417286286 | Triage

Resubmissions

28/08/2024, 16:54

240828-vep7hswgng 7

19/08/2024, 02:01

240819-cfsd6aybka 7

Sharing

General

Target

TakeOwnershipPro.exe
Size

701KB
Sample

240819-cfsd6aybka
MD5

0e1cc89bb3149dc1afb6aa2619bb3266
SHA1

e7dbdf363a1bf1d73e10debe3d17caa6a5165c0f
SHA256

90fc693b53a35e86d2c87d23966d896febb712b4a543114d9974ec9417286286
SHA512

229c6580a0e690aae7d8c5bc7c05f5dceacf4f9dfdcb2749ae9965cfbaa38a8222a4d8f4b6358eda53c44ab427677ac79b9582d937e9f4bf423ddcb2c83e16e0
SSDEEP

12288:uQiGXURE89x3OqvttIUciEAuZQ1RiiyAiVHNpn9Rn/N8r5xjAFHboFe63ltOn5cd:uQiqMOstePxgRJidn9Rng51AFHt63TOY

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  TakeOwnershipPro.exe
- Size
  
  701KB
- MD5
  
  0e1cc89bb3149dc1afb6aa2619bb3266
- SHA1
  
  e7dbdf363a1bf1d73e10debe3d17caa6a5165c0f
- SHA256
  
  90fc693b53a35e86d2c87d23966d896febb712b4a543114d9974ec9417286286
- SHA512
  
  229c6580a0e690aae7d8c5bc7c05f5dceacf4f9dfdcb2749ae9965cfbaa38a8222a4d8f4b6358eda53c44ab427677ac79b9582d937e9f4bf423ddcb2c83e16e0
- SSDEEP
  
  12288:uQiGXURE89x3OqvttIUciEAuZQ1RiiyAiVHNpn9Rn/N8r5xjAFHboFe63ltOn5cd:uQiqMOstePxgRJidn9Rng51AFHt63TOY
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2