5cf82f8250073228efbd7d2e78d9069dbca7611fe6e8c8ff6c3b64923aff672d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8313eb56ff7e86669521a48028a40f0N.exe
Size

225KB
Sample

240903-hf657s1ekb
MD5

b8313eb56ff7e86669521a48028a40f0
SHA1

9ecc4f428c37e7c83c6b35abbc27997d300bd180
SHA256

5cf82f8250073228efbd7d2e78d9069dbca7611fe6e8c8ff6c3b64923aff672d
SHA512

c4120b7c9981d5918d757be75cfce978646e7a26f26413d5c3bfbd54a5d55d68556067a650b12f629dbbc0b71adc0b62577faafb9ea0bf80ec810d9a3ba0664d
SSDEEP

3072:vtbbbbFLcM92DCfh8fcAMzFzMJvb8RZabP4QEP7EPaERzcUf7lPasVOCvFmqcCzS:vom2efufqcdzfvV4PdAJk08Rv

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  b8313eb56ff7e86669521a48028a40f0N.exe
- Size
  
  225KB
- MD5
  
  b8313eb56ff7e86669521a48028a40f0
- SHA1
  
  9ecc4f428c37e7c83c6b35abbc27997d300bd180
- SHA256
  
  5cf82f8250073228efbd7d2e78d9069dbca7611fe6e8c8ff6c3b64923aff672d
- SHA512
  
  c4120b7c9981d5918d757be75cfce978646e7a26f26413d5c3bfbd54a5d55d68556067a650b12f629dbbc0b71adc0b62577faafb9ea0bf80ec810d9a3ba0664d
- SSDEEP
  
  3072:vtbbbbFLcM92DCfh8fcAMzFzMJvb8RZabP4QEP7EPaERzcUf7lPasVOCvFmqcCzS:vom2efufqcdzfvV4PdAJk08Rv
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation