83b005b61017bb49005f1b0fe9836920625fc453dafa16f900dcce1ff5dcebef | Triage

Submit
Reports

Overview

overview

7

Static

static

3

dx.7z

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

dx.7z
Size

2.5MB
Sample

240929-wp9jksvajk
MD5

c810343ef806e02e9fcb68de10433963
SHA1

d22549cfb933fc7dadfc2d2a588451989c929ba5
SHA256

83b005b61017bb49005f1b0fe9836920625fc453dafa16f900dcce1ff5dcebef
SHA512

7bcafccdbe52d1c9d39aa4bfe8030d9cc19ebcec95c358e9e8a828b21dd6de2e63e2b666e26afb2ee911e390d42d4afd07e288a1d76337ce529f3ebfdd186e40
SSDEEP

49152:Dzu6nugyCPj2odc4L/QC1xi9OnTLGfDvwxpYv7uh0zXtVOYxT:D6vodn9B/sDYxpU7uhe9

Score

7^/10

discovery persistence privilege_escalation

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dx.7z

Resource

win10v2004-20240802-en

discovery persistence privilege_escalation

windows10-2004-x64

19 signatures

600 seconds

Malware Config

Targets

- Target
  
  dx.7z
- Size
  
  2.5MB
- MD5
  
  c810343ef806e02e9fcb68de10433963
- SHA1
  
  d22549cfb933fc7dadfc2d2a588451989c929ba5
- SHA256
  
  83b005b61017bb49005f1b0fe9836920625fc453dafa16f900dcce1ff5dcebef
- SHA512
  
  7bcafccdbe52d1c9d39aa4bfe8030d9cc19ebcec95c358e9e8a828b21dd6de2e63e2b666e26afb2ee911e390d42d4afd07e288a1d76337ce529f3ebfdd186e40
- SSDEEP
  
  49152:Dzu6nugyCPj2odc4L/QC1xi9OnTLGfDvwxpYv7uh0zXtVOYxT:D6vodn9B/sDYxpU7uhe9
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy