General

  • Target

    https://drive.google.com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link

  • Sample

    241204-xn29jswmaz

Malware Config

Targets

    • Target

      https://drive.google.com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks