dynamicrat | 7e8d5730213643eaba3ac42ab8eedba04d382d7a030c19a1f27d383514519f51 | Triage

Sharing

General

Target

c-users-vince-appdata-roaming-microsoft-windows-start-menu-programs-startup-jre-8u231-windows-x64-jar.zip
Size

21.8MB
Sample

241216-xx3xfayjcw
MD5

e033b8bb42f73a071dbb80a58fedef53
SHA1

dc2ee81a5c897c6512fbd9a06a804ba363ec7a58
SHA256

7e8d5730213643eaba3ac42ab8eedba04d382d7a030c19a1f27d383514519f51
SHA512

a34e98f1cb01a6cad0283bfb1d6288080ca7a3bb0c523c5a750794091b8ad4c76a9a566e53203e93938647acf8dbc71b1cf87a7a48efa9d203cd3fc882712764
SSDEEP

393216:FpzW9jkw+fM/C/yqur02Rok0m45996hJWrt0vYetWgwSBPuIPo/oqSBpp4x8TkpW:FpzKkBfM/C/yqujRotm459967WBhetDX

Score

10^/10

dynamicrat persistence privilege_escalation

Malware Config

Targets

- Target
  
  c-users-vince-appdata-roaming-microsoft-windows-start-menu-programs-startup-jre-8u231-windows-x64-jar
- Size
  
  23.4MB
- MD5
  
  9ffc1ded1643d2f1c0127f23ac3bd00f
- SHA1
  
  1e97894773bcf63adeba8d282d3921fe1224587d
- SHA256
  
  bb59ec29778a45324d437c67a0d18165b59823a01e78261a1c41c6a8069993fd
- SHA512
  
  9ad49f22d0f90a1e4604ca2fa09fd330b63c9f5035274f103875cdb153e914551d271bb31cadaaf719209492421f19a7695947b2bc54e542d49459f74d164462
- SSDEEP
  
  393216:FDq5bsW3WNInfzPbLu/xK0SghqfKvX95oELYirysSibdRD/Y/RsmeVeQXWl+FJ:hUwPNIrW5KpCqyXpLAsSixK/iRmUz
Score

7^/10

persistence privilege_escalation
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistenceprivilege_escalation