General
-
Target
01e9007019c3b07fa881e53f9c400dfa
-
Size
30KB
-
Sample
231229-yax84scdam
-
MD5
01e9007019c3b07fa881e53f9c400dfa
-
SHA1
22d0438ba1fd0bc2af49f923ab5972be5e91db2d
-
SHA256
3c752ab3f1fba9dab9745d1e687b87a2c20471ac92c3e5644ec9522b77bf9c06
-
SHA512
532335c717224ac0dece26470189b9e6f58cea507c59060cb6358a0ac710d3381a3e8c18e63484fc06fbb29a2afa15d2f5ad0a376b5898a2bf442923b552cfca
-
SSDEEP
768:dzqdJWNqbx2dNanQmQqcyocxKWnbcuyD7UGNWGl:dMt2vanzxpHnouy8KP
Malware Config
Targets
-
-
Target
01e9007019c3b07fa881e53f9c400dfa
-
Size
30KB
-
MD5
01e9007019c3b07fa881e53f9c400dfa
-
SHA1
22d0438ba1fd0bc2af49f923ab5972be5e91db2d
-
SHA256
3c752ab3f1fba9dab9745d1e687b87a2c20471ac92c3e5644ec9522b77bf9c06
-
SHA512
532335c717224ac0dece26470189b9e6f58cea507c59060cb6358a0ac710d3381a3e8c18e63484fc06fbb29a2afa15d2f5ad0a376b5898a2bf442923b552cfca
-
SSDEEP
768:dzqdJWNqbx2dNanQmQqcyocxKWnbcuyD7UGNWGl:dMt2vanzxpHnouy8KP
Score10/10-
UAC bypass
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3