General
-
Target
a61bff2dd2100a6be39be8778880eff5786686c65de713f3e3df592281b99476.exe.vir
-
Size
31.7MB
-
Sample
241122-ebsv8stpbt
-
MD5
75a011552602bce72c9aade3d4ca2dcf
-
SHA1
659a99006e76d0c99e52a236cd54aba9590fa462
-
SHA256
a61bff2dd2100a6be39be8778880eff5786686c65de713f3e3df592281b99476
-
SHA512
3a6a36e9c1a4fc506da3634f7edd66f89a5af66de261758bd6b82451f65df2314149a45123cda3acc02383a58e4f1222d7f54076a5ea5bad2556952464b58d25
-
SSDEEP
786432:fViQmGiQmGiQmGiQmXYYgTFE3CuXKzBqMOUK0ShvCdiUc:EQmzQmzQmzQmXpSVzsm+iij
Malware Config
Targets
-
-
Target
a61bff2dd2100a6be39be8778880eff5786686c65de713f3e3df592281b99476.exe.vir
-
Size
31.7MB
-
MD5
75a011552602bce72c9aade3d4ca2dcf
-
SHA1
659a99006e76d0c99e52a236cd54aba9590fa462
-
SHA256
a61bff2dd2100a6be39be8778880eff5786686c65de713f3e3df592281b99476
-
SHA512
3a6a36e9c1a4fc506da3634f7edd66f89a5af66de261758bd6b82451f65df2314149a45123cda3acc02383a58e4f1222d7f54076a5ea5bad2556952464b58d25
-
SSDEEP
786432:fViQmGiQmGiQmGiQmXYYgTFE3CuXKzBqMOUK0ShvCdiUc:EQmzQmzQmzQmXpSVzsm+iij
Score10/10-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
1