General
-
Target
948e1a925d5896b6a021ee51e48d87bca1c2cbd68a1b156e92366210fa6d63c9
-
Size
49KB
-
Sample
241117-jdqk4svcpg
-
MD5
9ec42a5a0e59f5a9f9156cc7a176b6f2
-
SHA1
05384413086147d1b063b83a7d02ac581463c372
-
SHA256
948e1a925d5896b6a021ee51e48d87bca1c2cbd68a1b156e92366210fa6d63c9
-
SHA512
e080675837cb1b11eca526a463c67847fb3f6986588fc24d31ddc9c797a065dddf93e55b928536bc5501437031bc87380925722a6d81d2edc292972e03770d0e
-
SSDEEP
1536:m/8UrULO3x2FKfcInN547HWjc57lFTnouy8c1:m/8UrrUFkwWjE5Frout4
Behavioral task
behavioral1
Sample
948e1a925d5896b6a021ee51e48d87bca1c2cbd68a1b156e92366210fa6d63c9.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
948e1a925d5896b6a021ee51e48d87bca1c2cbd68a1b156e92366210fa6d63c9.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
948e1a925d5896b6a021ee51e48d87bca1c2cbd68a1b156e92366210fa6d63c9
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Access Token Manipulation
1
Create Process with Token
1
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Access Token Manipulation
1
Create Process with Token
1
Modify Registry
1