fd7af6283feed5a93d769d404bfc3a6f1f8361823cbb51d12a9ee9a5640ae654

General

Target

M Centers 8th Edition 8.0.1.3 x64.zip
Size

5.4MB
Sample

241202-wtgdla1qap
MD5

45e79c6885617d804b3cd32374b73c35
SHA1

4fdbff28617c4a42df7584767bb55970cc071411
SHA256

fd7af6283feed5a93d769d404bfc3a6f1f8361823cbb51d12a9ee9a5640ae654
SHA512

36ab5eb3f2feade7bc8245c9e02ab2885d89d1016667b296f1fb7c0b55ba8448a82a42a6ebe7bb19154e9f27008f1b1fb48d9571572f218714400c582489a772
SSDEEP

98304:h7bWJRBNof5rGnJZ4Kvm0pzrZM8atV4ef2KrqUrMrEDf4OPoiwbEyiO8PKNvlCyQ:hPGHoflA4KvmMXZyfDeUrM8o6PElCyPo

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  FluentWPF.dll
- Size
  
  223KB
- MD5
  
  908668ffde26ab371a2ef711206aa05d
- SHA1
  
  95b60c69c199edd937960d22b793f5e6143c00ac
- SHA256
  
  8e136ec981ed7d7abf0c8153db901fcd9e7a311a61e209d88a9ca2b51fc17838
- SHA512
  
  36c1ef092ee2ddd9640c6c74ab2d76bb61f62415892b9bcddf93772b604c4b45c9ef88834aecac76ef2f0fa38317f74b889cd26436ab0c6a998b803cdf7a023e
- SSDEEP
  
  3072:y56b2y/fw0rvK/mYYA7dTLakKj5/gJxJtxAtEjeznuWRamV3QxoHS9:v2uw0rvK5NJbtxiECrZamV3QSHS
Score

1^/10
behavioral1
- Target
  
  M Centers.exe
- Size
  
  1.6MB
- MD5
  
  1d3d75fa1c81b55d68500d95a92807fb
- SHA1
  
  c45be1e05788005a24e4c73628d1f85003890957
- SHA256
  
  5f405489a7f6c67bbcc130ebbb272a99bde94b0d01b1b958f6f05580fb58a2d3
- SHA512
  
  b910ed4d71503d888d004b28b4991f8d5b8635ad0fb708cc987f4996a1f4e6ee22469f0c9c29946913988fea3163c5f6e313fdf643249eba4adf9d5df0cfcc83
- SSDEEP
  
  49152:Lj2I6gR13Be4vZ+5o12w1cRTTQAwnnsn3nmB:nPRNXBGhw1wTEAwnnsn3nmB
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral2
- Target
  
  MCentersLibrary.dll
- Size
  
  574KB
- MD5
  
  b7e0fae475b740863ff755f83c797d81
- SHA1
  
  1c6ac23e43f0e17d4175f49fb7310bd42bdc1633
- SHA256
  
  a72909c32b024dd8304bd62472a18b778411456af0fc1ac74de762d1258917e3
- SHA512
  
  bad5c407527434bf2b680775fa045cbd70c8be2d41bdbd51822efe20c694ddbc46b3e145055f293b3bdb39fa22a5952750eb83973d3c060f432c10b7ebcbba02
- SSDEEP
  
  6144:5XMGVqzDn8zTxxvofmCKYCpY+H6bNwnS+drQQAGuajh5A3KqyM40NDcL:rY8plUtcpNS+5V/ua2MB
Score

1^/10
behavioral3
- Target
  
  MaterialDesignColors.dll
- Size
  
  309KB
- MD5
  
  51544fc07bb8b88d2f1e87b8f4c32ce6
- SHA1
  
  e235a3e713ae6a949acab603d9001efd529cee1c
- SHA256
  
  f06826845732d945421c341c8d1abb337ab9a2e757d90a763ac618aa445bf63e
- SHA512
  
  a775856275b1eb6996509517f86eaa8e9f9c07273164e207abf415ebf19b6ef93d2ef002f29b5e926b5ca6d1861b3dc966aa272876abd7f6a400fd30fa4480a9
- SSDEEP
  
  3072:6MrRCSKC/v3cItK0HefMgKqeN+IrUkxgJ:6MrRCSKC/v3cIpH
Score

1^/10
behavioral4
- Target
  
  MaterialDesignThemes.Wpf.dll
- Size
  
  9.4MB
- MD5
  
  05347205b59c343705c5b1da21d8f9d3
- SHA1
  
  2a019a5a7d0388fe278efa63a7659a987d850aa8
- SHA256
  
  f8144c2d063144a98e6faa4e4d6f11cb3d08d20313e196cdd03addb8186ca6fd
- SHA512
  
  8c29c3aea7f13c0fdd8efcf4646f20ac28a56c5851f9ed27be90d9dc52868f412e52fdc6ab69a25269cc79f7db06fd6416ee8802ff150e375154e36497f6dad1
- SSDEEP
  
  98304:6Xg2XJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fP:6wgnJ45/9iD54+V11bFv4z
Score

1^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

1

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Possible privilege escalation attempt

Modifies file permissions

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5