a63ac9f5d941556d413295824f9609605cf875d011f6d1434522c083be491724 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a63ac9f5d941556d413295824f9609605cf875d011f6d1434522c083be491724
Size

277KB
Sample

240909-bp1w8avdkm
MD5

74e07e0baacf51b3bd11a76947ab115a
SHA1

021b9b25d7dc4df139516403b8ae7ea46ff8e019
SHA256

a63ac9f5d941556d413295824f9609605cf875d011f6d1434522c083be491724
SHA512

d8777cde98cf3ceb36eef0d004fe6c0778c1aa4deae5a126468d62f007ff737920f614ce85f9af451463c416b4124653aa1cef9844c1cb61f512f20f44b3c0b8
SSDEEP

6144:YGOXfUdRT6mCo4Em3d1k91UmaFycSbGqJA:YGOSRT6mChEm3dOXURtSw

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  a63ac9f5d941556d413295824f9609605cf875d011f6d1434522c083be491724
- Size
  
  277KB
- MD5
  
  74e07e0baacf51b3bd11a76947ab115a
- SHA1
  
  021b9b25d7dc4df139516403b8ae7ea46ff8e019
- SHA256
  
  a63ac9f5d941556d413295824f9609605cf875d011f6d1434522c083be491724
- SHA512
  
  d8777cde98cf3ceb36eef0d004fe6c0778c1aa4deae5a126468d62f007ff737920f614ce85f9af451463c416b4124653aa1cef9844c1cb61f512f20f44b3c0b8
- SSDEEP
  
  6144:YGOXfUdRT6mCo4Em3d1k91UmaFycSbGqJA:YGOSRT6mChEm3dOXURtSw
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation