cf1f27779dbe5a64dcdfd0b5d36dcea9858c0e2cd2b78e6e8aa759632c281ae5 | Triage

Sharing

General

Target

cf1f27779dbe5a64dcdfd0b5d36dcea9858c0e2cd2b78e6e8aa759632c281ae5
Size

722KB
Sample

240912-deex4sxflk
MD5

09ffa928a8f7d31870a7d219510fd2d4
SHA1

0194620b98e932c2072a817104a64937f1cf3502
SHA256

cf1f27779dbe5a64dcdfd0b5d36dcea9858c0e2cd2b78e6e8aa759632c281ae5
SHA512

e86a8e30b5ea9dff0b62f4be3df3ec8314c7f23b23a587d8580c7b9058db950bc066b6ebaa91b3a301b8172f05214db48dbace62fcb71bb27fc3b9b50c04fdac
SSDEEP

12288:lE2dNgfrRW4XJsgHXb8jze/eVlvsatD2JjvS0abCVGjftYHqy/8CI4U5xJnMZ:u2dg1NrHYjzbVZsiqJjKRbiRKy0C9UU

Score

5^/10

defense_evasion discovery execution privilege_escalation

Malware Config

Targets

- Target
  
  Release/AdobeGenP-3.4.0.exe
- Size
  
  1.1MB
- MD5
  
  61632e53d1a8283f9365a3045fc0ae1a
- SHA1
  
  74ef571b26a91b80a087d016b388cbc1d56904f8
- SHA256
  
  8a634f215aed7e22c8b5e58ee687914ffa675b37041b6cd21e84652b96ecf9a1
- SHA512
  
  49b8e29fbfedc2311e6eabf104fb4aef1d134c6b837a62119508aa39d4142207c604692027e746711dda9993b9347784b932aae6fa25b806c704992e8acb67c1
- SSDEEP
  
  24576:6qDEvCTbMWu7rQYlBQcBiT6rprG8aSHeqtGf7oh:6TvC/MTQYxsWR7aSHeqta7o
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Source/AdobeGenP-3.4.0.au3
- Size
  
  71KB
- MD5
  
  d91245383dfcc472296db34a60558746
- SHA1
  
  316ccbaa309ab8070666993788d240dd6a760b61
- SHA256
  
  1e0ceabb65bcce0c367b7a8decc6c6fa4413d4b69993dac15980215f87ef62f7
- SHA512
  
  d184d7c7eabb29a3307aa1622e0b1244f0e0650fd17bf992b246ee8edd5ba5817d0e7f6671843095d712c8010a7f38c6eb194b02df1ee57235ef4342ed98214a
- SSDEEP
  
  1536:y8Gz9hYbcpvSwKVLouPbusYWugo9zfmR7vNY7t:KaVLLPbusYWugo9rmR7vO
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Source/RunAsTI.exe
- Size
  
  26KB
- MD5
  
  80454e70784f1ddb0c91d41469e2498d
- SHA1
  
  2f3f04ef670895de12cdfbae17c9d427e7caa97a
- SHA256
  
  a3e0ba70ba908de8a75825c3a1ff36147e02c686280993c2caa8a9a6968764b0
- SHA512
  
  709ed0fc9e2520a5beb57379e90be12cac680060b4c72ff50e9d9897f3a4d7a57f84b9be04b78974e6f6b73cda7202bfc617835cee3011eed7f0ee6f5e82edf7
- SSDEEP
  
  384:8ZKqqO+5wZY//IfBbSh2u3JZEV065fC7iwUUukfR3lacMWkNgWwCy2nYPLN:+tqN5YYUBmcu5C6HrNJUbgWwCZC
Score

3^/10

defense_evasion privilege_escalation
behavioral5 behavioral6
- Target
  
  缘本初见︱分享实用好软件！ʷʷʷ.⁵²ʸᵇᶜʲ.ᶜᵒᵐ.url
- Size
  
  113B
- MD5
  
  848519680a1c8e5d06658613b320ad79
- SHA1
  
  71e3edb18356f6271d29545f772733df09fa8fdb
- SHA256
  
  03e9fed15563d77a4325aaf2d9f740212c00b3019560c2a02bf07db266a2783e
- SHA512
  
  51fd0e1cc5e9ceb00d995b0d438b1268f2a5002af03bb8d4ba906a01a6e75c9e9af019d1a7caf610179ed4dafe59205f2eaf30eb5e0e6260dce3c52e3c1ce6f5
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

defense_evasionprivilege_escalation

behavioral6

defense_evasionprivilege_escalation

behavioral7

behavioral8