2cb254bd89b6683fe71587ecaeb53c517cb0cf9e630ee0366a338e5dc587c841 | Triage

Sharing

General

Target

9713e4828cb213187616e0fb93bdb330N.exe
Size

350KB
Sample

240823-xsap4atbnn
MD5

9713e4828cb213187616e0fb93bdb330
SHA1

2b1fc1a98e398cac76bfc236f9500870e2c4a353
SHA256

2cb254bd89b6683fe71587ecaeb53c517cb0cf9e630ee0366a338e5dc587c841
SHA512

d8651f1714b0e498b15cd5fcead4845e0eb45a0adc3563190d74861a91e0bdd7e22eb045abbc7bf599d5b5f95150e8109190dce8ce3e09fcbe60e449067440f1
SSDEEP

6144:AyH7xOc6H5c6HcT66vlmWTBHvnrSxHqHGTP+9IevMP41vAOhkqvcXq2ka3CUbpf1:AazBHvrSxHqHSehv2ka3Copfu0CXNmLz

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  9713e4828cb213187616e0fb93bdb330N.exe
- Size
  
  350KB
- MD5
  
  9713e4828cb213187616e0fb93bdb330
- SHA1
  
  2b1fc1a98e398cac76bfc236f9500870e2c4a353
- SHA256
  
  2cb254bd89b6683fe71587ecaeb53c517cb0cf9e630ee0366a338e5dc587c841
- SHA512
  
  d8651f1714b0e498b15cd5fcead4845e0eb45a0adc3563190d74861a91e0bdd7e22eb045abbc7bf599d5b5f95150e8109190dce8ce3e09fcbe60e449067440f1
- SSDEEP
  
  6144:AyH7xOc6H5c6HcT66vlmWTBHvnrSxHqHGTP+9IevMP41vAOhkqvcXq2ka3CUbpf1:AazBHvrSxHqHSehv2ka3Copfu0CXNmLz
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceprivilege_escalation