General
-
Target
e7ab0c483542652a8ba5df01c70148b7.exe
-
Size
655KB
-
Sample
220302-d3mb4acff9
-
MD5
e7ab0c483542652a8ba5df01c70148b7
-
SHA1
fdfb0d76b28f2bf0e4b946c51fa2dd0f654ec259
-
SHA256
39feefb57167dd5ed9c900fa4b18aa815b955396ea3a298a5588bd9946d6a10d
-
SHA512
d24528a0572465c51d99247076f591737f60116e8bab9a877f7e5219d76b782383921c84cea395566e44e1160efd78974441648b6e60902b98a6d7246a01f6b9
Malware Config
Targets
-
-
Target
e7ab0c483542652a8ba5df01c70148b7.exe
-
Size
655KB
-
MD5
e7ab0c483542652a8ba5df01c70148b7
-
SHA1
fdfb0d76b28f2bf0e4b946c51fa2dd0f654ec259
-
SHA256
39feefb57167dd5ed9c900fa4b18aa815b955396ea3a298a5588bd9946d6a10d
-
SHA512
d24528a0572465c51d99247076f591737f60116e8bab9a877f7e5219d76b782383921c84cea395566e44e1160efd78974441648b6e60902b98a6d7246a01f6b9
Score10/10-
UAC bypass
-
Windows security bypass
-
XpertRAT
XpertRAT is a remote access trojan with various capabilities.
-
Adds policy Run key to start application
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-