General
-
Target
baf8f498549a0c7fe9887400e7b44e5c
-
Size
201KB
-
Sample
240308-l168gsdb9v
-
MD5
baf8f498549a0c7fe9887400e7b44e5c
-
SHA1
3ee9890309714072e8a22633a8b7ac3e6cec1720
-
SHA256
d4c1c18012d84abc332a82ada956555289e86494d3a4b99febd7ee6a497afc75
-
SHA512
cd77add984851010083e1d45d4e571cba8cc4e0ad9a63bb95d2e5737da6440ee1124328c5aceb669b339b22f30397ba043576825cbdf09d8be966be5cbf413d3
-
SSDEEP
3072:xlbVxDAcCV0GYUdNvH6gomuVqdh+D5ib3UkXXHoamErz8/Xhg7Jkm5R:XV+0GYU7vH0/VQqEr8a9
Malware Config
Targets
-
-
Target
baf8f498549a0c7fe9887400e7b44e5c
-
Size
201KB
-
MD5
baf8f498549a0c7fe9887400e7b44e5c
-
SHA1
3ee9890309714072e8a22633a8b7ac3e6cec1720
-
SHA256
d4c1c18012d84abc332a82ada956555289e86494d3a4b99febd7ee6a497afc75
-
SHA512
cd77add984851010083e1d45d4e571cba8cc4e0ad9a63bb95d2e5737da6440ee1124328c5aceb669b339b22f30397ba043576825cbdf09d8be966be5cbf413d3
-
SSDEEP
3072:xlbVxDAcCV0GYUdNvH6gomuVqdh+D5ib3UkXXHoamErz8/Xhg7Jkm5R:XV+0GYU7vH0/VQqEr8a9
Score10/10-
UAC bypass
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1