General
-
Target
150535e34319c501396581f92a56eaa3
-
Size
188KB
-
Sample
231224-16pmysdbc5
-
MD5
150535e34319c501396581f92a56eaa3
-
SHA1
d01863c1096116c23333d25a97dfb7361f0eb669
-
SHA256
48a826fabeed4ad6834331ff9f1deb9383722e42a20472f52451197c62243519
-
SHA512
ddad61957df51c35123318912cee5fa0bd84005a4079d8af3be54ca4b220568e29fec7d64a588a81eb25f6b8871dd20a46287a3761a5ea79c8c069371213e1ea
-
SSDEEP
3072:0d9Ld9vYHXzgIKjSZvlkXjTdscOT7tBf9le5nQ9RSwLJKH8tZBFuLmyv0p32:cIXzgIKjMkzScOTrDeNQ9zLJKctZBFpk
Malware Config
Targets
-
-
Target
150535e34319c501396581f92a56eaa3
-
Size
188KB
-
MD5
150535e34319c501396581f92a56eaa3
-
SHA1
d01863c1096116c23333d25a97dfb7361f0eb669
-
SHA256
48a826fabeed4ad6834331ff9f1deb9383722e42a20472f52451197c62243519
-
SHA512
ddad61957df51c35123318912cee5fa0bd84005a4079d8af3be54ca4b220568e29fec7d64a588a81eb25f6b8871dd20a46287a3761a5ea79c8c069371213e1ea
-
SSDEEP
3072:0d9Ld9vYHXzgIKjSZvlkXjTdscOT7tBf9le5nQ9RSwLJKH8tZBFuLmyv0p32:cIXzgIKjMkzScOTrDeNQ9zLJKctZBFpk
Score10/10-
Modifies firewall policy service
-
UAC bypass
-
Drops file in Drivers directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1