27a0deab7041d608e0cdcb90ac5fc39d6509b9a74d9724582169f5f1bbe2b6b1 | Triage

Sharing

General

Target

27a0deab7041d608e0cdcb90ac5fc39d6509b9a74d9724582169f5f1bbe2b6b1N
Size

92KB
Sample

240919-frffhssenj
MD5

e5d3549beec0d1fc9427341c313bb4a0
SHA1

b5ca6214edacf2cb3df79d03e7d274b6d7d0d0ca
SHA256

27a0deab7041d608e0cdcb90ac5fc39d6509b9a74d9724582169f5f1bbe2b6b1
SHA512

26ad8cffbb5a2eba9335f5ae7921a9f7a1f1711865b39b12bbf0db7e146f8cea2bc22c80d2d804823a2999916e4b66a8fc4adb76ff2599fc1537bbe243f06012
SSDEEP

1536:YHPBlTmR3ZiaMhJXzXaVkS/DTyNmcyYdt6EUI47KoxMWNLzMo:YvDu3nWjXc3/DsLdD8xxlzMo

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  27a0deab7041d608e0cdcb90ac5fc39d6509b9a74d9724582169f5f1bbe2b6b1N
- Size
  
  92KB
- MD5
  
  e5d3549beec0d1fc9427341c313bb4a0
- SHA1
  
  b5ca6214edacf2cb3df79d03e7d274b6d7d0d0ca
- SHA256
  
  27a0deab7041d608e0cdcb90ac5fc39d6509b9a74d9724582169f5f1bbe2b6b1
- SHA512
  
  26ad8cffbb5a2eba9335f5ae7921a9f7a1f1711865b39b12bbf0db7e146f8cea2bc22c80d2d804823a2999916e4b66a8fc4adb76ff2599fc1537bbe243f06012
- SSDEEP
  
  1536:YHPBlTmR3ZiaMhJXzXaVkS/DTyNmcyYdt6EUI47KoxMWNLzMo:YvDu3nWjXc3/DsLdD8xxlzMo
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation