57d72f3bd135c39e65cbb7007e4812e81cf4872c00c98f623ad397767bc956ec | Triage

Sharing

General

Target

57d72f3bd135c39e65cbb7007e4812e81cf4872c00c98f623ad397767bc956ecN
Size

124KB
Sample

240919-gtxm9avbnp
MD5

e52f9db09dda6a578a7769827a4f1d50
SHA1

d532833f66d6c28eb8dfe685448be0a36987105a
SHA256

57d72f3bd135c39e65cbb7007e4812e81cf4872c00c98f623ad397767bc956ec
SHA512

146dbcce74723739d3de2cf855ce4ce73205b0a5857c90d1e19294686136fb5fadac78a5a74839a162e8087f023cbaaea7b5a5bf7cdfbe8461e1d33688a7c09f
SSDEEP

3072:Ie0ISXBUJaFII7hShoE22Ha7o8WAE5zYUoh:38BUJNZtzT

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  57d72f3bd135c39e65cbb7007e4812e81cf4872c00c98f623ad397767bc956ecN
- Size
  
  124KB
- MD5
  
  e52f9db09dda6a578a7769827a4f1d50
- SHA1
  
  d532833f66d6c28eb8dfe685448be0a36987105a
- SHA256
  
  57d72f3bd135c39e65cbb7007e4812e81cf4872c00c98f623ad397767bc956ec
- SHA512
  
  146dbcce74723739d3de2cf855ce4ce73205b0a5857c90d1e19294686136fb5fadac78a5a74839a162e8087f023cbaaea7b5a5bf7cdfbe8461e1d33688a7c09f
- SSDEEP
  
  3072:Ie0ISXBUJaFII7hShoE22Ha7o8WAE5zYUoh:38BUJNZtzT
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation