ffd78b79c1acfcd48769dda249e6d1c568ab83bdfde7c4a95b1d42caab1ffdb1 | Triage

Sharing

General

Target

ffd78b79c1acfcd48769dda249e6d1c568ab83bdfde7c4a95b1d42caab1ffdb1
Size

136KB
Sample

240911-fh7hmstdkj
MD5

27576d2e3bff6533d0f78f8cfa07de5b
SHA1

4513c55f10054f1564e7f81a328a7878cc8d6484
SHA256

ffd78b79c1acfcd48769dda249e6d1c568ab83bdfde7c4a95b1d42caab1ffdb1
SHA512

0f7a3b5d3346a4620a96761b7b1327eb7fe76655eb05ff25ff0edce1197b6e8e382e498b1a640d000038a4524e223739d96bb997ed7194fd67695ce1bb7ee278
SSDEEP

3072:q99X4ATRtqdEY82XLT79O6W/0aC0VrETTrDFzH38dkjJZrx:E9ZtqqY82X3RObR4frxzsdkjJD

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ffd78b79c1acfcd48769dda249e6d1c568ab83bdfde7c4a95b1d42caab1ffdb1
- Size
  
  136KB
- MD5
  
  27576d2e3bff6533d0f78f8cfa07de5b
- SHA1
  
  4513c55f10054f1564e7f81a328a7878cc8d6484
- SHA256
  
  ffd78b79c1acfcd48769dda249e6d1c568ab83bdfde7c4a95b1d42caab1ffdb1
- SHA512
  
  0f7a3b5d3346a4620a96761b7b1327eb7fe76655eb05ff25ff0edce1197b6e8e382e498b1a640d000038a4524e223739d96bb997ed7194fd67695ce1bb7ee278
- SSDEEP
  
  3072:q99X4ATRtqdEY82XLT79O6W/0aC0VrETTrDFzH38dkjJZrx:E9ZtqqY82X3RObR4frxzsdkjJD
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation