General
Target: rocketlegacy.zip
Size: 9.9MB
Sample: 241202-xc8l7aspbq
MD5: 6606e132f968e8716170f5488d179bf5
SHA1: 600bf30ab4493304e30a15a0cd38cc34291b380f
SHA256: 9371a656feffb9e8e4fe70ce3fa01352af3035b5afaddbe4332442fc1dbb8ff0
SHA512: d0294c4b5d0848df0ca7ec16a2cb8f126395ff165ef56ea7f2baaeb397f5874add7977356cd7a9de270f316a2c2a1bdc2d1a48f64d1b08b6f7f53f5a4027da7e
SSDEEP: 196608:z60MEYvVQEpDLOfnfjB8ySXQu+ZNcwi5CKM6iDf6PoG9QZ7j:5OLpPOf7QAu4cMKM6iT6Pz98j
Static task: static1
Behavioral task: behavioral1
  Sample: My Program/RockerLegacy.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: My Program/RockerLegacy.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: My Program/RockerLegacy.exe
Size: 3.8MB
MD5: 46c17c999744470b689331f41eab7df1
SHA1: b8a63127df6a87d333061c622220d6d70ed80f7c
SHA256: c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a
SHA512: 4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6
SSDEEP: 98304:6NRBOBfKgQIm9EOTqw8vjh9Ac9nUNupK4hVvcF+yHrAr:sR/gmeOqv7Ac9F0kB
Score: 5/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Enterprise v15
Persistence
  Event Triggered Execution (2)
    Change Default File Association (1)
    Component Object Model Hijacking (1)
Privilege Escalation
  Event Triggered Execution (2)
    Change Default File Association (1)
    Component Object Model Hijacking (1)