12d8bccc8b4bf05902c0b015095db69b07dd859b577e9aa806201a082a8244ee | Triage

Sharing

General

Target

EXMPremiumTweaker.bat
Size

669KB
Sample

240809-t96mbawhre
MD5

a907bfcab8903b37d8595377c3e268ed
SHA1

e521540a3bffd5567d83782628b3de6173cb9364
SHA256

12d8bccc8b4bf05902c0b015095db69b07dd859b577e9aa806201a082a8244ee
SHA512

bb122cd94abfe6b43b2bd86852b37212b0d6096385bad85fea47d0aa3d80ada43c8e62735db1a5561c25ad9c23a4f8681933197dcf0495e1b182061181650905
SSDEEP

3072:WDGzQbmbkAqA2xH7VkKEn14IZVvisLur+K3:WDGiVNEn14IZVvisL43

Score

10^/10

defense_evasion evasion execution persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  EXMPremiumTweaker.bat
- Size
  
  669KB
- MD5
  
  a907bfcab8903b37d8595377c3e268ed
- SHA1
  
  e521540a3bffd5567d83782628b3de6173cb9364
- SHA256
  
  12d8bccc8b4bf05902c0b015095db69b07dd859b577e9aa806201a082a8244ee
- SHA512
  
  bb122cd94abfe6b43b2bd86852b37212b0d6096385bad85fea47d0aa3d80ada43c8e62735db1a5561c25ad9c23a4f8681933197dcf0495e1b182061181650905
- SSDEEP
  
  3072:WDGzQbmbkAqA2xH7VkKEn14IZVvisLur+K3:WDGiVNEn14IZVvisL43
Score

10^/10

defense_evasion evasion execution persistence privilege_escalation trojan
- UAC bypass
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Hide Artifacts

Ignore Process Interrupts

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionevasionexecutionpersistenceprivilege_escalationtrojan