General

  • Target

    UCK.exe.vir

  • Size

    69.3MB

  • Sample

    240821-ka9egsydkb

  • MD5

    887684673f599f97b51b698decbe315f

  • SHA1

    abd983ff5b007f8937aadbf550a035dc08118f62

  • SHA256

    a48167c15a4d8e0d2315190ab672c8a5ce41978cfe7bcd6f74710a474795a161

  • SHA512

    9d8d775807109b37f853734b410387eaaf8a52679dc338b1a874168b2a72149743798452967cfc6d475f3ff0974178beb48c71dcbbf844fe7b471a819d0bdb3e

  • SSDEEP

    1572864:IklYCjxMgp23PnpSRxxhaz/+df11/GgzBGQIj5Oi:7y+9unkRxDw/Mf/pBGRj5

Targets

    • UAC bypass

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
