General
-
Target
625a47d9db42e86c1fbb30b221956fe0_exe32.exe
-
Size
324KB
-
Sample
231015-ycq8ksbh7y
-
MD5
625a47d9db42e86c1fbb30b221956fe0
-
SHA1
07871f2b30a80a24b787d6dbc1a1564c6df97847
-
SHA256
49939f76f0db468d1fe3314b2aa7d6c9140a01358a99f2d09d206708ea61c1c1
-
SHA512
4534e9935cc9422ec3352c3ec5dc3d644b537129981f2ada420ac2fa55f53693ea462dbd14b467c6efebb551660dae65d8718bf46c728687ac660b3399196088
-
SSDEEP
6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOutmW:/pW2IoioS66h
Malware Config
Targets
-
-
Target
625a47d9db42e86c1fbb30b221956fe0_exe32.exe
-
Size
324KB
-
MD5
625a47d9db42e86c1fbb30b221956fe0
-
SHA1
07871f2b30a80a24b787d6dbc1a1564c6df97847
-
SHA256
49939f76f0db468d1fe3314b2aa7d6c9140a01358a99f2d09d206708ea61c1c1
-
SHA512
4534e9935cc9422ec3352c3ec5dc3d644b537129981f2ada420ac2fa55f53693ea462dbd14b467c6efebb551660dae65d8718bf46c728687ac660b3399196088
-
SSDEEP
6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOutmW:/pW2IoioS66h
Score10/10-
UAC bypass
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Change Default File Association
1