6492d64dd9adc69ccf4882f6d081e591660a06722c41456ad13c9505c793980e | Triage

Sharing

General

Target

HC-X-main.zip
Size

3.6MB
Sample

250108-vt5whsyqbm
MD5

40b7f9b409e2e24230403d1a952e3b3f
SHA1

968559960e1cb6f57290ecee193c0ba782976c63
SHA256

6492d64dd9adc69ccf4882f6d081e591660a06722c41456ad13c9505c793980e
SHA512

e7e6bbed8907956ba5397830ea9cfaf0e1aa1c8699a990a0a5caa938a0ba1b24e11beaf1f5418b311368fdd1e30e7f70a4041c1224eec4b89cffea769f863f33
SSDEEP

98304:ka/Nd60Kt44snkQ7EI0vjRpwc5nODw1K4h7TzNAIxYNvj:kqItYkQ2vbwc5BXa97

Score

5^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  ee/src.exe
- Size
  
  3.8MB
- MD5
  
  46c17c999744470b689331f41eab7df1
- SHA1
  
  b8a63127df6a87d333061c622220d6d70ed80f7c
- SHA256
  
  c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a
- SHA512
  
  4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6
- SSDEEP
  
  98304:6NRBOBfKgQIm9EOTqw8vjh9Ac9nUNupK4hVvcF+yHrAr:sR/gmeOqv7Ac9F0kB
Score

5^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2