General
-
Target
b4367c1e20abec503e3e029349219ff1
-
Size
196KB
-
Sample
240305-jyz1aaba84
-
MD5
b4367c1e20abec503e3e029349219ff1
-
SHA1
dc405b55fbe5244b78e3510a49366502d3f4c640
-
SHA256
09a11b820f5e99d2d3e6341a175b193735a5f2a24ded2c5c4c5e883b68a7fbfd
-
SHA512
092ce38e30588e32fcbceddb2b37eec639a75d3665d65ee9413b6ae471a02f735063ccec7b49cec3945e0d0f13953fda715295cfee3e569d92bac242490b3d58
-
SSDEEP
1536:DL1blQbEYPHbAQ69ECYUSvQktGj2Dee4d6Iis4MmDm2xB/Sbigu4gjLKCS7+t:CQ6DS/peMmnu5u4gjqQ
Malware Config
Targets
-
-
Target
b4367c1e20abec503e3e029349219ff1
-
Size
196KB
-
MD5
b4367c1e20abec503e3e029349219ff1
-
SHA1
dc405b55fbe5244b78e3510a49366502d3f4c640
-
SHA256
09a11b820f5e99d2d3e6341a175b193735a5f2a24ded2c5c4c5e883b68a7fbfd
-
SHA512
092ce38e30588e32fcbceddb2b37eec639a75d3665d65ee9413b6ae471a02f735063ccec7b49cec3945e0d0f13953fda715295cfee3e569d92bac242490b3d58
-
SSDEEP
1536:DL1blQbEYPHbAQ69ECYUSvQktGj2Dee4d6Iis4MmDm2xB/Sbigu4gjLKCS7+t:CQ6DS/peMmnu5u4gjqQ
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
UAC bypass
-
Windows security bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1