General
Target: 20240904200594800fb6bd0fda9eb160ed03f475hijackloaderryuk
Size: 70.2MB
Sample: 240904-gv511sxaqh
MD5: 200594800fb6bd0fda9eb160ed03f475
SHA1: ae320a285fdfee5e8e5f68c29adfa2e7a3191757
SHA256: f26c72ec832fe45cc5817f9aab0e29a119dcb1db6b97f1185dcc8aae72cd58a2
SHA512: fb6237d019a6a09adb0d1ff10d51ab9c9fbd3218f750e182b07c03764f21510c8b5bbf64c54b18000c80d3e6eba83e3633a677aa8e6f7dd7c7ddf22ca3ceeec8
SSDEEP: 1572864:ZklmCjxMgp23PnpSRxxhaz/+df11/GgzBGQIj5Oi:OE+9unkRxDw/Mf/pBGRj5

Static task: static1

Behavioral task: behavioral1
Sample: 20240904200594800fb6bd0fda9eb160ed03f475hijackloaderryuk.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 20240904200594800fb6bd0fda9eb160ed03f475hijackloaderryuk.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 20240904200594800fb6bd0fda9eb160ed03f475hijackloaderryuk
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Event Triggered Execution (1)
  - Netsh Helper DLL (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Impair Defenses (1)
  - Disable or Modify Tools (1)
- Modify Registry (1)