5bc3b90d592606febb38e49d9dec0573c1148c1bb02c55de81a1890b8d42e7e5 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

download.html

windows7-x64

3

download.html

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

download.html
Size

19KB
Sample

240906-l56shs1bme
MD5

5ef83efab6506ac98bade460c7e10789
SHA1

55bc47126cb3561fb50077a7685dc090933e9b9e
SHA256

5bc3b90d592606febb38e49d9dec0573c1148c1bb02c55de81a1890b8d42e7e5
SHA512

c7402b7ccc2b289fa3b470309b2a6a686c14c0d20b2390016f9d4b47cf88feb0017602de3dddc60fe6dc99a1976ef82903af7b7f316c26f22c3d32c880895582
SSDEEP

192:gdFyR/b8HeFhIfjwsqKbMc+O8T8HBymh63ZRfuWEjI:gdFyR/wHejIfEMbMc+O8T81Q3aW/

Score

8^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

download.html

Resource

win7-20240903-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

download.html

Resource

win10v2004-20240802-en

discovery persistence privilege_escalation

windows10-2004-x64

22 signatures

300 seconds

Malware Config

Targets

- Target
  
  download.html
- Size
  
  19KB
- MD5
  
  5ef83efab6506ac98bade460c7e10789
- SHA1
  
  55bc47126cb3561fb50077a7685dc090933e9b9e
- SHA256
  
  5bc3b90d592606febb38e49d9dec0573c1148c1bb02c55de81a1890b8d42e7e5
- SHA512
  
  c7402b7ccc2b289fa3b470309b2a6a686c14c0d20b2390016f9d4b47cf88feb0017602de3dddc60fe6dc99a1976ef82903af7b7f316c26f22c3d32c880895582
- SSDEEP
  
  192:gdFyR/b8HeFhIfjwsqKbMc+O8T8HBymh63ZRfuWEjI:gdFyR/wHejIfEMbMc+O8T81Q3aW/
Score

8^/10

discovery persistence privilege_escalation
- Downloads MZ/PE file
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy