General
-
Target
21c3c367eeeb6174276891ad87e9879a
-
Size
31KB
-
Sample
231231-atgtgafbcj
-
MD5
21c3c367eeeb6174276891ad87e9879a
-
SHA1
a8363b5ca07877cf06ca16712ba4b56963589736
-
SHA256
b01280a4c6fdab5e4bc54cf5865b3bf0740067a70c2eacf2fe795f0c18db927a
-
SHA512
4fb1d48227b3dab7d8694965bd332ed16d0b56929caa17a1ebcb240344eb20518d903d81ef21d4096ec5577124ff07a39e77565a09a0b7dcdf4c320684510d22
-
SSDEEP
768:VbMk8T8t4U0XYbWkUaWfeyZ0HDkjiPcnbcuyD7UjNWGg:Vw+P0obWkUwSjPnouy8JS
Malware Config
Targets
-
-
Target
21c3c367eeeb6174276891ad87e9879a
-
Size
31KB
-
MD5
21c3c367eeeb6174276891ad87e9879a
-
SHA1
a8363b5ca07877cf06ca16712ba4b56963589736
-
SHA256
b01280a4c6fdab5e4bc54cf5865b3bf0740067a70c2eacf2fe795f0c18db927a
-
SHA512
4fb1d48227b3dab7d8694965bd332ed16d0b56929caa17a1ebcb240344eb20518d903d81ef21d4096ec5577124ff07a39e77565a09a0b7dcdf4c320684510d22
-
SSDEEP
768:VbMk8T8t4U0XYbWkUaWfeyZ0HDkjiPcnbcuyD7UjNWGg:Vw+P0obWkUwSjPnouy8JS
Score10/10-
UAC bypass
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3