General

  • Target

    5fcd55769bd309cd35f3815c5c4858a0a516dc88f3e9584f54fd5c9005b8c4c2

  • Size

    877KB

  • Sample

    240901-2rygzsvdme

  • MD5

    cd49d4ac8300b3be67f800da9dd3c274

  • SHA1

    52ce2a850798205ff3cdf04394fc8c5192485d14

  • SHA256

    5fcd55769bd309cd35f3815c5c4858a0a516dc88f3e9584f54fd5c9005b8c4c2

  • SHA512

    47c097f07846b46e65cd0c7ac71cc3c782d0b77225009b1bfab99462a5fa82553794ffd7fd3bce226c02ad6b1b22d1341d8360ae26ba5b1406f5f98827d0905a

  • SSDEEP

    24576:DmXn4Uv860Ugo36e0VikOpC4EGBuUf6A4MqAZ:in4G86o3ecLOsFGkDMpZ

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether User Account Control (UAC) is enabled
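
      The three behaviours above are all visible as registry operations, so they can be hunted for in registry telemetry. The following is an added example, not part of the sandbox report or the sample itself: detection logic for the three signatures run over a constructed list of registry events with a hypothetical schema (fields pid, op, path, value, data; op is SetValue, QueryValue or EnumerateKey). The COM hijacking rule keys on writes to InprocServer32, LocalServer32 or TreatAs under a per-user CLSID, because HKCU\Software\Classes is consulted before HKLM when a CLSID is resolved; the UAC rule assumes the check is a read of the EnableLUA value under HKLM\...\Policies\System, the standard UAC switch, which the report does not state explicitly. The sample events, paths and PIDs are constructed for illustration.

```python
"""Registry-event detection for COM hijacking, installed-software enumeration
and UAC status checks.  Events are constructed records, not real telemetry."""
import re
from collections import defaultdict
from typing import Dict, List

# Hypothetical event schema (constructed for this example).
SAMPLE_EVENTS: List[dict] = [
    # Per-user CLSID server registration pointing at a DLL in AppData:
    # this shadows any HKLM registration for the same CLSID.
    {"pid": 4120, "op": "SetValue",
     "path": r"HKCU\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32",
     "value": "", "data": r"C:\Users\victim\AppData\Roaming\upd\core.dll"},
    # Machine-wide registration by an installer: not matched by the hijack rule.
    {"pid": 908, "op": "SetValue",
     "path": r"HKLM\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32",
     "value": "", "data": r"C:\Program Files\Vendor\vendor.dll"},
    # Installed-software enumeration through the Uninstall key.
    {"pid": 4120, "op": "EnumerateKey",
     "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall", "value": "", "data": ""},
    {"pid": 4120, "op": "QueryValue",
     "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip",
     "value": "DisplayName", "data": ""},
    {"pid": 4120, "op": "QueryValue",
     "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180208AB}",
     "value": "DisplayName", "data": ""},
    {"pid": 4120, "op": "QueryValue",
     "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++",
     "value": "DisplayName", "data": ""},
    # UAC status check: EnableLUA is the UAC on/off switch.
    {"pid": 4120, "op": "QueryValue",
     "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "EnableLUA", "data": ""},
    # Unrelated noise from another process.
    {"pid": 1234, "op": "QueryValue",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer",
     "value": "ShellState", "data": ""},
]

GUID = r"\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\}"

# Writes to a per-user COM server registration (InprocServer32 / LocalServer32 /
# TreatAs).  HKCU\Software\Classes is merged over HKLM when a CLSID resolves,
# so a user-level write here redirects every consumer of that CLSID.
COM_HIJACK_RE = re.compile(
    r"^HKCU\\Software\\Classes\\(?:Wow6432Node\\)?CLSID\\" + GUID +
    r"\\(?:InprocServer32|LocalServer32|TreatAs)$", re.I)

# The Uninstall key itself (group 1 empty) or one of its per-product subkeys.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall(?:\\([^\\]+))?$", re.I)

UAC_POLICY_KEY = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System"


def detect_com_hijack(events: List[dict]) -> List[dict]:
    """Events that write a COM server path under a per-user CLSID."""
    return [e for e in events
            if e["op"] == "SetValue" and COM_HIJACK_RE.match(e["path"])]


def detect_software_enumeration(events: List[dict], min_subkeys: int = 3) -> Dict[int, List[str]]:
    """PIDs that enumerate the Uninstall key or read at least min_subkeys
    of its product subkeys; value is the sorted list of subkeys touched."""
    subkeys: Dict[int, set] = defaultdict(set)
    enumerated: Dict[int, bool] = defaultdict(bool)
    for e in events:
        m = UNINSTALL_RE.match(e["path"])
        if not m:
            continue
        if m.group(1):
            subkeys[e["pid"]].add(m.group(1).lower())
        elif e["op"] == "EnumerateKey":
            enumerated[e["pid"]] = True
    pids = set(subkeys) | {p for p, flag in enumerated.items() if flag}
    return {p: sorted(subkeys[p]) for p in pids
            if enumerated[p] or len(subkeys[p]) >= min_subkeys}


def detect_uac_check(events: List[dict]) -> List[dict]:
    """Reads of EnableLUA under the UAC policy key."""
    return [e for e in events
            if e["op"] == "QueryValue"
            and e["path"].lower() == UAC_POLICY_KEY.lower()
            and e["value"].lower() == "enablelua"]


def analyze(events: List[dict]) -> Dict[str, object]:
    """Run all three rules and return their findings keyed by signature name."""
    return {
        "com_hijack": detect_com_hijack(events),
        "software_enum": detect_software_enumeration(events),
        "uac_check": detect_uac_check(events),
    }


if __name__ == "__main__":
    for name, hits in analyze(SAMPLE_EVENTS).items():
        print(f"{name}: {hits}")
```

      The hijack rule deliberately ignores HKLM writes: a machine-wide registration needs administrative rights and is what installers legitimately do, whereas the per-user override is the low-privilege persistence path the signature describes. Uninstall-key reads are common in legitimate software too, so the enumeration rule aggregates per process and only fires on an enumeration or several product subkeys, rather than on a single read.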

MITRE ATT&CK Enterprise v15

Tasks