General
Target: malware.txt
Size: 7KB
Sample: 240519-yalv3seb44
MD5: 9c18843bf13af2e38482ac3fe46f4290
SHA1: cc90dab75e362b455262c5e3b612b5dfb04f0b38
SHA256: adb740a4d2814f2fc7078d3a81c9c642cc13e9a77e728483b67e6ca668a2e373
SHA512: 8dd8d17346f421c461ce66ca7c1ac9e75bd1c5628a0fa81dc4c59db1dcc7ab23b31d35f6c492ddfa3d862b67311559f6c2c5e4d923d40fdca94c313f1f53c797
SSDEEP: 96:qD/+WSNb8mN8r9f4PPfMSHnx2gqoAqb1j8RW8ELzmdPzWdEKuWP2W9Nukim29mQ2:qD/UqrZgX7xXCdPidfbj2Qr
Static task: static1
Behavioral task: behavioral1
Sample: malware.vbs
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: malware.vbs
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: malware.txt
-
Modifies boot configuration data using bcdedit
-
Creates new service(s)
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Possible privilege escalation attempt
-
Modifies file permissions
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Execution
System Services: 1
Service Execution: 1
Command and Scripting Interpreter: 2
PowerShell: 1
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 2
Windows Service: 2