2ad01fbc49901f3f3430ec2bc184b42cd454c779e49e6b7fe52d1687df69563a | Triage

Submit
Reports

Overview

overview

8

Static

static

3

winchancho...ed.exe

windows11-21h2-x64

8

Sharing

General

Target

winchancho_combined.exe
Size

4.9MB
Sample

250328-28hg4avp19
MD5

879a44649956c2c14557d1362436ebf4
SHA1

9f7a58ae7fc3d12c3eef167a89a1f80826273a68
SHA256

2ad01fbc49901f3f3430ec2bc184b42cd454c779e49e6b7fe52d1687df69563a
SHA512

57dd8761f5ef53475d23a94026c2b6c48ce1891c9d9d6fba74469d1237796910292e9676825b7525ae9d918c2063ef681f8bad50d0162dab8a3f3148f95cb8a8
SSDEEP

98304:xHFEFEVDxuqqITjatL2QU35zZpnKFEF3FD:xlc0NapG3FCc1

Score

8^/10

defense_evasion discovery exploit

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

winchancho_combined.exe

Resource

win11-20250313-en

defense_evasion discovery exploit

windows11-21h2-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  winchancho_combined.exe
- Size
  
  4.9MB
- MD5
  
  879a44649956c2c14557d1362436ebf4
- SHA1
  
  9f7a58ae7fc3d12c3eef167a89a1f80826273a68
- SHA256
  
  2ad01fbc49901f3f3430ec2bc184b42cd454c779e49e6b7fe52d1687df69563a
- SHA512
  
  57dd8761f5ef53475d23a94026c2b6c48ce1891c9d9d6fba74469d1237796910292e9676825b7525ae9d918c2063ef681f8bad50d0162dab8a3f3148f95cb8a8
- SSDEEP
  
  98304:xHFEFEVDxuqqITjatL2QU35zZpnKFEF3FD:xlc0NapG3FCc1
Score

8^/10

defense_evasion discovery exploit
- Disables Task Manager via registry modification
  defense_evasion
- Possible privilege escalation attempt
  exploit
- Executes dropped EXE
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexploit

© 2018-2025

Terms | Privacy