General
Target: adb.exe
Size: 3.6MB
Sample: 230825-qc6z2adf4w
MD5: 9adf2f7c96af39b8bd41d7e8a83fd2ed
SHA1: a6e3b6104848f199c94a24aadaf1a3694c77088f
SHA256: 8e2156e27fe23082e5018e62c2a0255edb6498c8991dee35337c4367b3457f98
SHA512: 9d56db81ff4d0eab3c90251ce945a94d71bd723c9c577c8fe3fb7bfc6d9c8024a096b448401fe5c65188d8485333f97f3bd554c192f21f44b63e9067fa659a3b
SSDEEP: 49152:5qe3f69ZtD5eGNs/LobnAe7DDQR+Dd7N1s5ZkP/ZC5yJJZmsKctlZm:QSi9Tlen4kCFv+ZiC5yJJZmWtlZm
Static task: static1
Behavioral task: behavioral1
Sample: adb.exe
Resource: win10v2004-20230824-en
Malware Config
Targets
Target: adb.exe
Score: 10/10
Modifies boot configuration data using bcdedit
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1