8da51079a43db457f4f694010558c53651e2157e7d94204f6226f163f8d83ee6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96741c7c7f16d0ea37e9ec7726a1e750N.exe
Size

216KB
Sample

240905-qfk7qs1fnr
MD5

96741c7c7f16d0ea37e9ec7726a1e750
SHA1

d1036e52ef8f89ecf250d8a57b1673b2ce598a1a
SHA256

8da51079a43db457f4f694010558c53651e2157e7d94204f6226f163f8d83ee6
SHA512

024f14e89ac9b52d42dd6d76bd08baf91598812cfb7189597ffa169a7454a09097726022c355f2c6717b3cd19275a0e182efded70cc4b87bf49bcf1ba6f41124
SSDEEP

3072:XIVjBRGC+KhV3IIlPBlXTQ4NIFUecXmyopLrThn4aXTpPkSZo7NwrzPurif5zuM:aloiyIlPBlXTZIi/yT5MAqWrDQiF

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  96741c7c7f16d0ea37e9ec7726a1e750N.exe
- Size
  
  216KB
- MD5
  
  96741c7c7f16d0ea37e9ec7726a1e750
- SHA1
  
  d1036e52ef8f89ecf250d8a57b1673b2ce598a1a
- SHA256
  
  8da51079a43db457f4f694010558c53651e2157e7d94204f6226f163f8d83ee6
- SHA512
  
  024f14e89ac9b52d42dd6d76bd08baf91598812cfb7189597ffa169a7454a09097726022c355f2c6717b3cd19275a0e182efded70cc4b87bf49bcf1ba6f41124
- SSDEEP
  
  3072:XIVjBRGC+KhV3IIlPBlXTQ4NIFUecXmyopLrThn4aXTpPkSZo7NwrzPurif5zuM:aloiyIlPBlXTZIi/yT5MAqWrDQiF
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation