General
-
Target
9fd4bf113af19b70e74d483e9ac4f2971385a5334a58abe697be19cde6467bd3
-
Size
768KB
-
Sample
240909-s8mblswdqp
-
MD5
da785794023592a4cef6116ced583f35
-
SHA1
9e73d58b0a5272134eefa94627cacdc197645a76
-
SHA256
9fd4bf113af19b70e74d483e9ac4f2971385a5334a58abe697be19cde6467bd3
-
SHA512
8081512c12ee871b7b5b81ffe9043185f65c6c578c4f85aaac3845203aa3a5ef272d81d713506324757f08f927225350f39b149ef39ff0cadb414f02e0563971
-
SSDEEP
12288:DaYtRQE+dTvIquHby03hDDByQnLkub6g32mjW:DaYtRRQTQF7yUjy3uuly
Malware Config
Targets
-
-
Target
9fd4bf113af19b70e74d483e9ac4f2971385a5334a58abe697be19cde6467bd3
-
Size
768KB
-
MD5
da785794023592a4cef6116ced583f35
-
SHA1
9e73d58b0a5272134eefa94627cacdc197645a76
-
SHA256
9fd4bf113af19b70e74d483e9ac4f2971385a5334a58abe697be19cde6467bd3
-
SHA512
8081512c12ee871b7b5b81ffe9043185f65c6c578c4f85aaac3845203aa3a5ef272d81d713506324757f08f927225350f39b149ef39ff0cadb414f02e0563971
-
SSDEEP
12288:DaYtRQE+dTvIquHby03hDDByQnLkub6g32mjW:DaYtRRQTQF7yUjy3uuly
Score10/10-
UAC bypass
-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5