Overview

overview

7

Static

static

3

7z1604-x64.exe

windows7-x64

7

7z1604-x64.exe

windows10-2004-x64

7

Resubmissions

21-10-2024 18:01

241021-wly9fazerc 7

21-10-2024 17:58

241021-wkcn2ssbkq 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7z1604-x64.exe

  • Size

    1.3MB

  • Sample

    241021-wkcn2ssbkq

  • MD5

    04584f3aed5b27fd0ac2751b36273d94

  • SHA1

    338a5cc5200e98edd644fc21807fdbe59910c4d0

  • SHA256

    9bb4dc4fab2a2a45c15723c259dc2f7313c89a5ac55ab7c3f76bba26edc8bcaa

  • SHA512

    c5ec75c033970fefe0183285e35360308caa6094ded453bc5542761cd2b569a176183ca357bbdad764fa55ff42ed1d2f58f4bfec0be35b544becf32f427eb6ff

  • SSDEEP

    24576:hVeZ9gktMU54pUt9BQyMr+8H0L1KUblL2ltZH16x1kXbqHcb1EUn9irtU5c+OqyZ:hVwgAP58U5652pboZH16xGLuo1Eo9iZr

Score
7/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      7z1604-x64.exe

    • Size

      1.3MB

    • MD5

      04584f3aed5b27fd0ac2751b36273d94

    • SHA1

      338a5cc5200e98edd644fc21807fdbe59910c4d0

    • SHA256

      9bb4dc4fab2a2a45c15723c259dc2f7313c89a5ac55ab7c3f76bba26edc8bcaa

    • SHA512

      c5ec75c033970fefe0183285e35360308caa6094ded453bc5542761cd2b569a176183ca357bbdad764fa55ff42ed1d2f58f4bfec0be35b544becf32f427eb6ff

    • SSDEEP

      24576:hVeZ9gktMU54pUt9BQyMr+8H0L1KUblL2ltZH16x1kXbqHcb1EUn9irtU5c+OqyZ:hVwgAP58U5652pboZH16xGLuo1Eo9iZr

    Score
    7/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks