0af3c3c3ddc5761a8a02a38b827eedcb6669096da5222e4c93e39ea79b1df392 | Triage

Resubmissions

14-10-2024 23:51

241014-3we2wawgll 7

14-10-2024 23:49

241014-3vf8jssfka 10

Sharing

General

Target

niggers.exe
Size

7.8MB
Sample

241014-3we2wawgll
MD5

df1d332701dba8a7312877093b0786c1
SHA1

f6461519a41c70f8f7a93f1b42e5c3aa72ab6e32
SHA256

0af3c3c3ddc5761a8a02a38b827eedcb6669096da5222e4c93e39ea79b1df392
SHA512

140832ec54b8c240b92a1d004530b46e48312d4a38311dc90ed504b96942c1708e660a69e665b8917fb5a2c2d73072e2b1329bd5bcb507bc4f88a7830fc0ec4b
SSDEEP

196608:ijV2D6FSA1HeT39Iig5Tet4Q4GEX/O2XNsIJMsbnMYI93:WV2Dq1+TtIiOS2NXNsIasbncx

Score

7^/10

discovery persistence privilege_escalation pyinstaller

Malware Config

Targets

- Target
  
  niggers.exe
- Size
  
  7.8MB
- MD5
  
  df1d332701dba8a7312877093b0786c1
- SHA1
  
  f6461519a41c70f8f7a93f1b42e5c3aa72ab6e32
- SHA256
  
  0af3c3c3ddc5761a8a02a38b827eedcb6669096da5222e4c93e39ea79b1df392
- SHA512
  
  140832ec54b8c240b92a1d004530b46e48312d4a38311dc90ed504b96942c1708e660a69e665b8917fb5a2c2d73072e2b1329bd5bcb507bc4f88a7830fc0ec4b
- SSDEEP
  
  196608:ijV2D6FSA1HeT39Iig5Tet4Q4GEX/O2XNsIJMsbnMYI93:WV2Dq1+TtIiOS2NXNsIasbncx
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation