36d34f2e576246efd6770839cf3f472a8e7272f5d207a70ae1672349e8fe79c6 | Triage

Sharing

General

Target

36d34f2e576246efd6770839cf3f472a8e7272f5d207a70ae1672349e8fe79c6.exe
Size

258KB
Sample

241119-teqydaxhkc
MD5

c7c80468f15b2f5306198b346d074515
SHA1

913d7839d7eaf52697fa4a34d09c15acd681a6ea
SHA256

36d34f2e576246efd6770839cf3f472a8e7272f5d207a70ae1672349e8fe79c6
SHA512

734de105b4e37c959e53cdc8ed6d00254043e8b3458cfda9ad820320708abac9af9a806fef2e336fe9032f5ba6cca05ea55322e8f4ff68768d271ec9bb86b3f3
SSDEEP

3072:cO56oJRQMumlCm3dqQiF7xAF/yPRFrPvE5JuiBmIX9pcL5C4F/+wAu:cOAoXQMumNFWO/crkHuiga8L5P9+4

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  36d34f2e576246efd6770839cf3f472a8e7272f5d207a70ae1672349e8fe79c6.exe
- Size
  
  258KB
- MD5
  
  c7c80468f15b2f5306198b346d074515
- SHA1
  
  913d7839d7eaf52697fa4a34d09c15acd681a6ea
- SHA256
  
  36d34f2e576246efd6770839cf3f472a8e7272f5d207a70ae1672349e8fe79c6
- SHA512
  
  734de105b4e37c959e53cdc8ed6d00254043e8b3458cfda9ad820320708abac9af9a806fef2e336fe9032f5ba6cca05ea55322e8f4ff68768d271ec9bb86b3f3
- SSDEEP
  
  3072:cO56oJRQMumlCm3dqQiF7xAF/yPRFrPvE5JuiBmIX9pcL5C4F/+wAu:cOAoXQMumNFWO/crkHuiga8L5P9+4
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation