8a7614cff24763c2a5efd2a6ca09c0f9958a3f312480f9dc163440232ceba44d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

475a4521f89ffa86710bd29fa8ec9270N.exe
Size

246KB
Sample

240902-z7tsmaxdnn
MD5

475a4521f89ffa86710bd29fa8ec9270
SHA1

db91d94dcf4f8ccffabf0b3195aa69ce41fdeb61
SHA256

8a7614cff24763c2a5efd2a6ca09c0f9958a3f312480f9dc163440232ceba44d
SHA512

6ffae0d691bc356e98056fe0f0207d376ed17ef4c4eb3aa300a63320e1634ed0168eae4c86d070ae02651506600f938f706fbc7d690dcefa5d43e0a35be94fe7
SSDEEP

3072:cUK9UjrL5vSfmJtYTA1b5LLK26KC/gK8kV5ESE6asU9JrrDln5:cfUTxSfmb4IpK26cKlV5I6I9h/l5

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  475a4521f89ffa86710bd29fa8ec9270N.exe
- Size
  
  246KB
- MD5
  
  475a4521f89ffa86710bd29fa8ec9270
- SHA1
  
  db91d94dcf4f8ccffabf0b3195aa69ce41fdeb61
- SHA256
  
  8a7614cff24763c2a5efd2a6ca09c0f9958a3f312480f9dc163440232ceba44d
- SHA512
  
  6ffae0d691bc356e98056fe0f0207d376ed17ef4c4eb3aa300a63320e1634ed0168eae4c86d070ae02651506600f938f706fbc7d690dcefa5d43e0a35be94fe7
- SSDEEP
  
  3072:cUK9UjrL5vSfmJtYTA1b5LLK26KC/gK8kV5ESE6asU9JrrDln5:cfUTxSfmb4IpK26cKlV5I6I9h/l5
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation