3eb17d6339fbc7aee72f05936cef737692f7d96a8ba15970b9da3a998a9f3887 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Stardock S...et.rar

windows11-21h2-x64

7

Resubmissions

01-07-2024 04:15

240701-evn2dsyhpp 7

01-07-2024 04:14

240701-etv4bawclc 7

Sharing

General

Target

Stardock Start11 v2.0.7.4 - HaxPC.net.rar
Size

50.4MB
Sample

240701-evn2dsyhpp
MD5

4e5147ecb92436c973fa8dc95fda2dfd
SHA1

fded7b375eb7c1a687f9ecf82dca2dde82c7ef67
SHA256

3eb17d6339fbc7aee72f05936cef737692f7d96a8ba15970b9da3a998a9f3887
SHA512

3001b43d35b86fd4653cdb1ab2380f04688979c2118851c0c0ed325d1b717810494b79a30b594e3b65f3030b1330222e218e1112f257317761e4dd11873d3adf
SSDEEP

1572864:kxftmqJM7A9Ey/Hrhj1Po1DhW7bs5tbbsOH4PB3:kh67wh/HrhjFUW/IbC3

Score

7^/10

discovery persistence privilege_escalation upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Stardock Start11 v2.0.7.4 - HaxPC.net.rar

Resource

win11-20240508-en

discovery persistence privilege_escalation upx

windows11-21h2-x64

19 signatures

600 seconds

Malware Config

Targets

- Target
  
  Stardock Start11 v2.0.7.4 - HaxPC.net.rar
- Size
  
  50.4MB
- MD5
  
  4e5147ecb92436c973fa8dc95fda2dfd
- SHA1
  
  fded7b375eb7c1a687f9ecf82dca2dde82c7ef67
- SHA256
  
  3eb17d6339fbc7aee72f05936cef737692f7d96a8ba15970b9da3a998a9f3887
- SHA512
  
  3001b43d35b86fd4653cdb1ab2380f04688979c2118851c0c0ed325d1b717810494b79a30b594e3b65f3030b1330222e218e1112f257317761e4dd11873d3adf
- SSDEEP
  
  1572864:kxftmqJM7A9Ey/Hrhj1Po1DhW7bs5tbbsOH4PB3:kh67wh/HrhjFUW/IbC3
Score

7^/10

discovery persistence privilege_escalation upx
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Change Default File Association

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalationupx

© 2018-2024

Terms | Privacy