General
-
Target
4bc29f089749b7cfdb99421f54cedbaab3456dea9f6bd46db4a158c48c457213
-
Size
14.2MB
-
Sample
240620-kdswxascnn
-
MD5
16c5fe4f6e52a3dda0cf2f62c23a34e0
-
SHA1
002a773f29dad70b9354c9af185706248936767c
-
SHA256
4bc29f089749b7cfdb99421f54cedbaab3456dea9f6bd46db4a158c48c457213
-
SHA512
0f106bb726036d5dcae304f099e070199bc4842cb1cffaf5a8c8b52e6a6ddf8cd8c91cd26edc8e27a587e684542c623a169b117b00d1fb803168feac08d78929
-
SSDEEP
393216:blpDGYe6HE/aIAgywIjMmYqTz29/NgEETiVjsp5c99CVPq4T+0SAZn7:bDxe6HE/lAg4uFyiFsp89Z4T5SAZ7
Static task
static1
Behavioral task
behavioral1
Sample
4bc29f089749b7cfdb99421f54cedbaab3456dea9f6bd46db4a158c48c457213.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
4bc29f089749b7cfdb99421f54cedbaab3456dea9f6bd46db4a158c48c457213.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
10/10
-
Disables RegEdit via registry modification
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)