General
-
Target
9331b11f2dc7d1d2418afd2353c8d54667dbfa73bedffa95bfeeec60c0f49589
-
Size
284KB
-
Sample
221205-z4a64sge78
-
MD5
c931625bd62e3ec7c39cd3670fa1d823
-
SHA1
851f15db032fb1a7be90c94ad0b4115502bde754
-
SHA256
9331b11f2dc7d1d2418afd2353c8d54667dbfa73bedffa95bfeeec60c0f49589
-
SHA512
14c2401b892cb282f7ed2d64cad1d832ff6467573a0ba232827b14089caa5bdcc82bc129e49da40648ee282f093510168f5d55b676d08c7af3833fb8f7e6c5a4
-
SSDEEP
6144:3KbDa37D80pjh9cV3VaowYoKY2K/lVQgOKZfMP2bPBjLIl48Bh:aqLDbjc5V9wYFwVQOs2rBjkl1h
Malware Config
Targets
-
-
Target
9331b11f2dc7d1d2418afd2353c8d54667dbfa73bedffa95bfeeec60c0f49589
-
Size
284KB
-
MD5
c931625bd62e3ec7c39cd3670fa1d823
-
SHA1
851f15db032fb1a7be90c94ad0b4115502bde754
-
SHA256
9331b11f2dc7d1d2418afd2353c8d54667dbfa73bedffa95bfeeec60c0f49589
-
SHA512
14c2401b892cb282f7ed2d64cad1d832ff6467573a0ba232827b14089caa5bdcc82bc129e49da40648ee282f093510168f5d55b676d08c7af3833fb8f7e6c5a4
-
SSDEEP
6144:3KbDa37D80pjh9cV3VaowYoKY2K/lVQgOKZfMP2bPBjLIl48Bh:aqLDbjc5V9wYFwVQOs2rBjkl1h
Score10/10-
UAC bypass
-
Windows security bypass
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-