General

  • Target

    075657e65d4a6aa13e9c6f758c96c11c18b29f330ee8e30ac3763c47aa1bfa44

  • Size

    9.2MB

  • Sample

    240524-emsplsce52

  • MD5

    d55b0be7279cf572706d2080a215f44e

  • SHA1

    3e32f7ecb9531d3b91be679d7b3c2adeabd3afb0

  • SHA256

    075657e65d4a6aa13e9c6f758c96c11c18b29f330ee8e30ac3763c47aa1bfa44

  • SHA512

    e15e656a9c5288696cc8f8a58353879cfc5d1b10c683fbdb2b2101830e1b16661ada23b03428db84b2b47d35acc379f5838272088d69aa999505d1fbb4eb6b22

  • SSDEEP

    98304:E+k7QDw+PcYq5LnYvacmm1xAWewWAWUlWJwSb099Pi8bh9x/NvBaudEGst+g2lfE:VktBlNChWX8bp/Bq6YAOjLcTH8kc

Score
10/10

Malware Config

Targets

    • UAC bypass

    • Downloads MZ/PE file

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic: Privilege Escalation

    • Abuse Elevation Control Mechanism (T1548): 1

    • Bypass User Account Control (T1548.002): 1

  Tactic: Defense Evasion

    • Abuse Elevation Control Mechanism (T1548): 1

    • Bypass User Account Control (T1548.002): 1

    • Impair Defenses (T1562): 1

    • Disable or Modify Tools (T1562.001): 1

    • Modify Registry (T1112): 2

  Tactic: Discovery

    • System Information Discovery (T1082): 2
