General
-
Target
https://www.venix.pro/download
-
Sample
231126-s34npsac4y
Malware Config
Targets
-
-
Target
https://www.venix.pro/download
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Modifies security service
-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Modifies boot configuration data using bcdedit
-
Disables taskbar notifications via registry modification
-
Modifies Installed Components in the registry
-
Possible privilege escalation attempt
-
Sets file execution options in registry
-
Modifies file permissions
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Drops desktop.ini file(s)
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Browser Extensions
1Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Change Default File Association
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1Impair Defenses
2Disable or Modify Tools
2Modify Registry
9