8c760bec029ea6141d35b95025918456ae253d08ca62b197acbf224bd68acd25 | Triage

Sharing

General

Target

RunAsAdmin.exe
Size

8.3MB
Sample

241121-vewdjayjel
MD5

8948a3a62718aa7906f6cc88feacfcde
SHA1

f0d30913f6d892604ae38a57e267e91853c687d3
SHA256

8c760bec029ea6141d35b95025918456ae253d08ca62b197acbf224bd68acd25
SHA512

dc67bc715d051395d46e9d806e2fe2378a44e24b148906e75326d3fff159ef78286a2199c1988c042245a308276855f595b812d1aa1f2ce755d11bf7f814c1dc
SSDEEP

196608:MaCN2Jv0hkNypk65cNYHeLgDsDokeAMRvSnOwFw/wcHwLFrMthx:M9NCv0hDlHeLgD8eAEpwFw/w6wLFEh

Score

6^/10

defense_evasion discovery evasion privilege_escalation trojan

Malware Config

Targets

- Target
  
  RunAsAdmin.exe
- Size
  
  8.3MB
- MD5
  
  8948a3a62718aa7906f6cc88feacfcde
- SHA1
  
  f0d30913f6d892604ae38a57e267e91853c687d3
- SHA256
  
  8c760bec029ea6141d35b95025918456ae253d08ca62b197acbf224bd68acd25
- SHA512
  
  dc67bc715d051395d46e9d806e2fe2378a44e24b148906e75326d3fff159ef78286a2199c1988c042245a308276855f595b812d1aa1f2ce755d11bf7f814c1dc
- SSDEEP
  
  196608:MaCN2Jv0hkNypk65cNYHeLgDsDokeAMRvSnOwFw/wcHwLFrMthx:M9NCv0hDlHeLgD8eAEpwFw/w6wLFEh
Score

6^/10

defense_evasion discovery evasion privilege_escalation trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryevasionprivilege_escalationtrojan

behavioral2

defense_evasiondiscoveryevasionprivilege_escalationtrojan