bd9f5d0729fc028d6f34a68f85e7ec1522ca0b24a19f1f8254ee2f3afd572cb9 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

MEmu-setup...07.exe

windows11-21h2-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

MEmu-setup-abroad-bd9f5d07.exe
Size

135.9MB
Sample

240921-w759wawhpg
MD5

9c0df06fa83162f2381ab7b1f6f3c1cc
SHA1

535237a065eaae13ba44d86c702c05e531a5bc14
SHA256

bd9f5d0729fc028d6f34a68f85e7ec1522ca0b24a19f1f8254ee2f3afd572cb9
SHA512

b45e6d5ec3be64765f8ca13fd61fcc1b20cc01a07103752341440c60b74d5620b692f32ea78dc6bab8f39ef3ae195ae835cbe7405d589ce993df2f9878f44387
SSDEEP

3145728:8Yu8Q+I+MeooQsFecmasI8xTcawkYb+WsqAJnWJA7PUh:8fEdnsI8Nct4nsWUh

Score

8^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

MEmu-setup-abroad-bd9f5d07.exe

Resource

win11-20240802-en

discovery persistence privilege_escalation

windows11-21h2-x64

24 signatures

150 seconds

Malware Config

Targets

- Target
  
  MEmu-setup-abroad-bd9f5d07.exe
- Size
  
  135.9MB
- MD5
  
  9c0df06fa83162f2381ab7b1f6f3c1cc
- SHA1
  
  535237a065eaae13ba44d86c702c05e531a5bc14
- SHA256
  
  bd9f5d0729fc028d6f34a68f85e7ec1522ca0b24a19f1f8254ee2f3afd572cb9
- SHA512
  
  b45e6d5ec3be64765f8ca13fd61fcc1b20cc01a07103752341440c60b74d5620b692f32ea78dc6bab8f39ef3ae195ae835cbe7405d589ce993df2f9878f44387
- SSDEEP
  
  3145728:8Yu8Q+I+MeooQsFecmasI8xTcawkYb+WsqAJnWJA7PUh:8fEdnsI8Nct4nsWUh
Score

8^/10

discovery persistence privilege_escalation
- Drops file in Drivers directory
- Downloads MZ/PE file
- Drops file in System32 directory
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy