General
Target: IronArn18.exe
Size: 7.0MB
Sample: 250503-lx6sjsgm8s
MD5: 3a59079e322814862dfdc206741b37b6
SHA1: 46c9ee20cc7c6c33d82f42f07d0bde2730441b44
SHA256: 8f4065f20d2561f40bb6f55cbab02308e5b5e372a9cb597d2bd4f836a9b2bf1b
SHA512: 188b4570787fb1d68d5583e164ae5848983f64061bb034b58e40b4a5993828acd24e18a29d1eb0d9781551595e3847d5f87d249d8299120113e6481c64233f76
SSDEEP: 98304:noWUGQ0nuaZMKdIyWuZhCMYkcIt5FkOwSrIcUsLXRL2wbLp8FPg6XwKKmF:nLFuoMKduurH/P/XRL4P2KKmF
Behavioral task: behavioral1
Sample: IronArn18.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
-
-
Target
IronArn18.exe
-
Clears Windows event logs
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Creates new service(s)
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v16
Execution
  Command and Scripting Interpreter: 1
    PowerShell: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
  System Services: 1
    Service Execution: 1
Persistence
  Account Manipulation: 1
  Create or Modify System Process: 1
    Windows Service: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
Privilege Escalation
  Account Manipulation: 1
  Create or Modify System Process: 1
    Windows Service: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1