8e5b326b4451499e7d55a2c6825559c9c59cb0d9114d89ff23cd12c5710cb940 | Triage

Sharing

General

Target

2b87b0fb0e85dcde222b1fc3eba00e60N.exe
Size

132KB
Sample

240906-c63yks1grn
MD5

2b87b0fb0e85dcde222b1fc3eba00e60
SHA1

04291d94327e6e7c5d690e82463472603f389feb
SHA256

8e5b326b4451499e7d55a2c6825559c9c59cb0d9114d89ff23cd12c5710cb940
SHA512

2b5aec623a4329eaaf8e1abb3e2c56a0df5490fb051ef83bfc55b0a9b099af42a3553843e1c9df7af96286f0ce53f1beb57c63b0e1c12e67a8c6abc713cb4e54
SSDEEP

3072:ZVMfMIbIaw3J90/LfD/Q+BC3K5eqU+BC3K5eqYroGIkToBl:kfMmMmXgK70K79R

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  2b87b0fb0e85dcde222b1fc3eba00e60N.exe
- Size
  
  132KB
- MD5
  
  2b87b0fb0e85dcde222b1fc3eba00e60
- SHA1
  
  04291d94327e6e7c5d690e82463472603f389feb
- SHA256
  
  8e5b326b4451499e7d55a2c6825559c9c59cb0d9114d89ff23cd12c5710cb940
- SHA512
  
  2b5aec623a4329eaaf8e1abb3e2c56a0df5490fb051ef83bfc55b0a9b099af42a3553843e1c9df7af96286f0ce53f1beb57c63b0e1c12e67a8c6abc713cb4e54
- SSDEEP
  
  3072:ZVMfMIbIaw3J90/LfD/Q+BC3K5eqU+BC3K5eqYroGIkToBl:kfMmMmXgK70K79R
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation