General
-
Target
SecuriteInfo.com.Win32.Evo-gen.23836.28931.exe
-
Size
8.2MB
-
Sample
240310-qrtm9ade63
-
MD5
61bc92300d1bdb57026a090e78e2adb0
-
SHA1
5ba41fdf8e1465873a51be0651d2fc93df1492da
-
SHA256
9e798c1d03cbcf16d59d11847ecb2eebe9e703b6e595d11129c0ce6c69beb635
-
SHA512
89436f1c94e98a69296de70f734084374bff52e2f989b6b5afd830bc964282d16fa05dd9aca0270836e84c57cc8bc7085fdb13c76d44df394481a2668776fe51
-
SSDEEP
98304:jDmqU04ZvRKbtczH0zzJsKwQ2wFfOP3M1NSbAaIzhhhMhkRP:k7zUHTn9OsNSEaIzhhhMhkRP
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.Evo-gen.23836.28931.exe
-
Size
8.2MB
-
MD5
61bc92300d1bdb57026a090e78e2adb0
-
SHA1
5ba41fdf8e1465873a51be0651d2fc93df1492da
-
SHA256
9e798c1d03cbcf16d59d11847ecb2eebe9e703b6e595d11129c0ce6c69beb635
-
SHA512
89436f1c94e98a69296de70f734084374bff52e2f989b6b5afd830bc964282d16fa05dd9aca0270836e84c57cc8bc7085fdb13c76d44df394481a2668776fe51
-
SSDEEP
98304:jDmqU04ZvRKbtczH0zzJsKwQ2wFfOP3M1NSbAaIzhhhMhkRP:k7zUHTn9OsNSEaIzhhhMhkRP
Score10/10-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1