19b31640e38f863beeef6fedf9786348a338ae872339bed0bce9e29e0f7f8dc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

vencord addon.zip
Size

848B
Sample

240928-t35rfayapb
MD5

809186b2017b458a70debd193a0413cd
SHA1

d991e66b3219def00024ac4f2eade14f48f7eb55
SHA256

19b31640e38f863beeef6fedf9786348a338ae872339bed0bce9e29e0f7f8dc5
SHA512

cc5fafd7a90c056a8452cdbcb9ed2e1fc5bb2366c162e255621d0c05a3f5aa01eee2f712535d1b6adbdd96b442e87c3c1576bc643687ab4fb732662fe03928fa

Score

8^/10

evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  addon uploader.bat
- Size
  
  1KB
- MD5
  
  e4c86d26b06c19e836c751dee66db87f
- SHA1
  
  ace65f2ad2f8772ad644550fb8fc5a16556d9059
- SHA256
  
  cfd6f9bd4024accd228abf5d5499ee4c056e74f689ad483b9077925f4048800b
- SHA512
  
  46518e34ca6fbe2b1d917987f627493d1da83f924b18003e1e731cb42d541b4df6c5b4a4e2184c9e747ad7cd44fe7703c2151493fd83bf45ae9ad85612900653
Score

8^/10

evasion persistence privilege_escalation
- Disables Task Manager via registry modification
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceprivilege_escalation