General
-
Target
49a65d30709be68ba11acff16a647fcf.exe
-
Size
468KB
-
Sample
240107-x98nfscfdm
-
MD5
49a65d30709be68ba11acff16a647fcf
-
SHA1
0c6ec701428f29a90a13444554d9e95fb32ea334
-
SHA256
b8f6ec072228855067fc2db2aebf40e26f1d94a779045ad9244a0a4aee39d50c
-
SHA512
0e80d32243153bb874c8651db4c6f3f4d4db88d7ec4cb65a18d96b26c7766bd32e38ab8f81bb7c984b512ed1253638e0847bf584dd60d3b1f25d39106c1bb302
-
SSDEEP
6144:IwmkwZipSnj0GV9zqrPX6GH4flOx6h8/awhXyxlYPR2RZWPVlY2fI0BSdnvR4Y/+:FApoJx6Op4l/ZWLQ08n4794tqhkiukM
Malware Config
Targets
-
-
Target
49a65d30709be68ba11acff16a647fcf.exe
-
Size
468KB
-
MD5
49a65d30709be68ba11acff16a647fcf
-
SHA1
0c6ec701428f29a90a13444554d9e95fb32ea334
-
SHA256
b8f6ec072228855067fc2db2aebf40e26f1d94a779045ad9244a0a4aee39d50c
-
SHA512
0e80d32243153bb874c8651db4c6f3f4d4db88d7ec4cb65a18d96b26c7766bd32e38ab8f81bb7c984b512ed1253638e0847bf584dd60d3b1f25d39106c1bb302
-
SSDEEP
6144:IwmkwZipSnj0GV9zqrPX6GH4flOx6h8/awhXyxlYPR2RZWPVlY2fI0BSdnvR4Y/+:FApoJx6Op4l/ZWLQ08n4794tqhkiukM
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1