da220e2f37fc9723c51a446d59c42f13f108ee34a536c67b31cc64c8b9add8ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e6bc9eb4732345980491d72e3340800N.exe
Size

2.8MB
Sample

240824-q32s1asgmh
MD5

6e6bc9eb4732345980491d72e3340800
SHA1

db5c38b4af06d4515547797fd74da0d15a2372fa
SHA256

da220e2f37fc9723c51a446d59c42f13f108ee34a536c67b31cc64c8b9add8ff
SHA512

ce72c6fa993690c992967b4e81df7c690479f3b80ba87f0be8265066aeb9c532a8ef5252d14c53a8f4386cd7d65ac9f1b0180e61d444007c0df7266109b27dbc
SSDEEP

49152:+h/FEDavg+a45asKokxoDEMPcMWQTBh7pi20pXRnV5F:yaVA72oDEMPZvB0pXLH

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  6e6bc9eb4732345980491d72e3340800N.exe
- Size
  
  2.8MB
- MD5
  
  6e6bc9eb4732345980491d72e3340800
- SHA1
  
  db5c38b4af06d4515547797fd74da0d15a2372fa
- SHA256
  
  da220e2f37fc9723c51a446d59c42f13f108ee34a536c67b31cc64c8b9add8ff
- SHA512
  
  ce72c6fa993690c992967b4e81df7c690479f3b80ba87f0be8265066aeb9c532a8ef5252d14c53a8f4386cd7d65ac9f1b0180e61d444007c0df7266109b27dbc
- SSDEEP
  
  49152:+h/FEDavg+a45asKokxoDEMPcMWQTBh7pi20pXRnV5F:yaVA72oDEMPZvB0pXLH
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation