General
-
Target
EnigmaInjector.exe
-
Size
1.7MB
-
Sample
240501-plvspaeg3t
-
MD5
1cab631c264b214fd32b7285e32f8c33
-
SHA1
9ff73c3d8b5113874152026564db2de145ac17ac
-
SHA256
95ed8e6e2769c45d575e997bac7a5cf31798e3eefa96a4796699436dcd3d3922
-
SHA512
aefeb7215bb86c458fc04b76552a080becf92a73821003fbd5dfdc7e3294463d75adf558d329d3d4a31d10188971df6d689a067c4da117e9077152b3530a9a9f
-
SSDEEP
49152:egWzFQAwEXwHPV9ZIBh58HKAzWrlFtTrBn4xIKgKUDv:rWOAfX2PVHifoKAzWrlFdrBnlKg7r
Malware Config
Targets
-
-
Target
EnigmaInjector.exe
-
Size
1.7MB
-
MD5
1cab631c264b214fd32b7285e32f8c33
-
SHA1
9ff73c3d8b5113874152026564db2de145ac17ac
-
SHA256
95ed8e6e2769c45d575e997bac7a5cf31798e3eefa96a4796699436dcd3d3922
-
SHA512
aefeb7215bb86c458fc04b76552a080becf92a73821003fbd5dfdc7e3294463d75adf558d329d3d4a31d10188971df6d689a067c4da117e9077152b3530a9a9f
-
SSDEEP
49152:egWzFQAwEXwHPV9ZIBh58HKAzWrlFtTrBn4xIKgKUDv:rWOAfX2PVHifoKAzWrlFdrBnlKg7r
Score10/10-
UAC bypass
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2