ce2daeaf4fcc6cf3499d6f1ab9d13e4c1db008fd50d48dcd9dfa496a561a135e | Triage

Submit
Reports

Overview

overview

Static

static

微软锁�...11.exe

windows7_x64

1

微软锁�...11.exe

windows10-2004_x64

Sharing

General

Target

微软锁屏画报_支持win10win11.exe
Size

4.2MB
Sample

220424-gxcr9aceej
MD5

ee1da257caaeb67a5b72d2f959d564cf
SHA1

81827ee5093db823ba9c1a1625af479dfad36659
SHA256

ce2daeaf4fcc6cf3499d6f1ab9d13e4c1db008fd50d48dcd9dfa496a561a135e
SHA512

f376405944062c1d9456a43cb229bc654113ee10323febe69a89ac75175a34012a40ef198ffed0f17d8ffe0e57f910a25ab45d88b45b12f6fd6791345efe2d16

Score

10^/10

discovery evasion exploit trojan

Static task

static1

Behavioral task

behavioral1

Sample

微软锁屏画报_支持win10win11.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

微软锁屏画报_支持win10win11.exe

Resource

win10v2004-20220414-en

discovery evasion exploit trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  微软锁屏画报_支持win10win11.exe
- Size
  
  4.2MB
- MD5
  
  ee1da257caaeb67a5b72d2f959d564cf
- SHA1
  
  81827ee5093db823ba9c1a1625af479dfad36659
- SHA256
  
  ce2daeaf4fcc6cf3499d6f1ab9d13e4c1db008fd50d48dcd9dfa496a561a135e
- SHA512
  
  f376405944062c1d9456a43cb229bc654113ee10323febe69a89ac75175a34012a40ef198ffed0f17d8ffe0e57f910a25ab45d88b45b12f6fd6791345efe2d16
Score

10^/10

discovery evasion exploit trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionexploittrojan

© 2018-2024

Terms | Privacy