General
-
Target
Stardock Start11 v2.0.7.4 - HaxPC.net.rar
-
Size
50.4MB
-
Sample
240701-evn2dsyhpp
-
MD5
4e5147ecb92436c973fa8dc95fda2dfd
-
SHA1
fded7b375eb7c1a687f9ecf82dca2dde82c7ef67
-
SHA256
3eb17d6339fbc7aee72f05936cef737692f7d96a8ba15970b9da3a998a9f3887
-
SHA512
3001b43d35b86fd4653cdb1ab2380f04688979c2118851c0c0ed325d1b717810494b79a30b594e3b65f3030b1330222e218e1112f257317761e4dd11873d3adf
-
SSDEEP
1572864:kxftmqJM7A9Ey/Hrhj1Po1DhW7bs5tbbsOH4PB3:kh67wh/HrhjFUW/IbC3
Static task
static1
Behavioral task
behavioral1
Sample
Stardock Start11 v2.0.7.4 - HaxPC.net.rar
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
Stardock Start11 v2.0.7.4 - HaxPC.net.rar
Score 7/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Event Triggered Execution: 2
Change Default File Association: 1
Component Object Model Hijacking: 1
Privilege Escalation
Event Triggered Execution: 2
Change Default File Association: 1
Component Object Model Hijacking: 1