ca8f9b9bd36906f10a3b358375dee4c877ce2806c0d696c269bda932e7a4e632 | Triage

Sharing

General

Target

ca8f9b9bd36906f10a3b358375dee4c877ce2806c0d696c269bda932e7a4e632
Size

314KB
Sample

241014-ebgszascmq
MD5

e001f245442dddb4ffa43ab9dfa7128e
SHA1

746dfbc1ceefd6744fa8ff22a5f371ad10d80ec1
SHA256

ca8f9b9bd36906f10a3b358375dee4c877ce2806c0d696c269bda932e7a4e632
SHA512

ac85d6b8dae10c4232266581942359ffad89459672ba2811a642415a5cdb196c983e8a3af73075be19998a30bd997d7f009d2157187f38ddd36e5923c53a8558
SSDEEP

6144:v4E31UUn9SXHt3zvLq6r9j4E31UUn9SXHt3zvLD:v4i1dn9qtZrx4i1dn9qtj

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ca8f9b9bd36906f10a3b358375dee4c877ce2806c0d696c269bda932e7a4e632
- Size
  
  314KB
- MD5
  
  e001f245442dddb4ffa43ab9dfa7128e
- SHA1
  
  746dfbc1ceefd6744fa8ff22a5f371ad10d80ec1
- SHA256
  
  ca8f9b9bd36906f10a3b358375dee4c877ce2806c0d696c269bda932e7a4e632
- SHA512
  
  ac85d6b8dae10c4232266581942359ffad89459672ba2811a642415a5cdb196c983e8a3af73075be19998a30bd997d7f009d2157187f38ddd36e5923c53a8558
- SSDEEP
  
  6144:v4E31UUn9SXHt3zvLq6r9j4E31UUn9SXHt3zvLD:v4i1dn9qtZrx4i1dn9qtj
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation