General
-
Target
7479e0c0e99eade4fae849781d8db1adf9f4f5c6a680d15efa659c0a26b85516N.rl.zip
-
Size
652KB
-
Sample
241121-v9lgtaymdm
-
MD5
fde1b7cd7406d667319b7ece2b0ea01c
-
SHA1
005183a10e717df88344be520e73daecec889d49
-
SHA256
71c75529ad1bd10df5a0f1848445d8ef6a9b75f3209c43182a2870507c23c45d
-
SHA512
f799b57df20b2df74234652eef4c1b664411dc847ae46229334203d9ad6eb5b89ca3bbd9212550e4e139e55e07939990e3ee027c7fd96e349a4973169ba4822c
-
SSDEEP
12288:KVRNeOUex4Zo36MHEeLzszncjUWTpThbZOPWrZXWU8D3BA+TbKk7VNpB:ETedZo9F4LcZbdyDxbFbz
Malware Config
Targets
-
-
Target
61c91ec5971cab5e0fee5fb661a8423795053296.rl
-
Size
692KB
-
MD5
5c39bea66ad2ef5fb46c6056d16f8d20
-
SHA1
61c91ec5971cab5e0fee5fb661a8423795053296
-
SHA256
7479e0c0e99eade4fae849781d8db1adf9f4f5c6a680d15efa659c0a26b85516
-
SHA512
64a9c257f678d7f077fde3dad5bb56674498b2fc3730b4f5b3f804dcea5421ad265071979e5cfe3952f151ae35ae4aeabd1aaca5d114da8177b06c07e930cfb4
-
SSDEEP
12288:eqDefdyZPJZ0oqJ7EL6ssaziHfzB2r13VhcMBVDeO8lnfIgMC+:5hJpy7ELNWUZ3VuqVDeO8e
Score10/10-
Disables service(s)
-
UAC bypass
-
Windows security bypass
-
Stops running service(s)
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify Tools
3Modify Registry
6