hxxps://github[.]com/tsgrgo/windows-update-disabler/archive/refs/heads/main[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://github.com/t...

windows11-21h2-x64

Sharing

General

Target

https://github.com/tsgrgo/windows-update-disabler/archive/refs/heads/main.zip
Sample

240705-xjn65atanr

Score

10^/10

defense_evasion discovery evasion execution exploit privilege_escalation

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/tsgrgo/windows-update-disabler/archive/refs/heads/main.zip

Resource

win11-20240704-en

defense_evasion discovery evasion execution exploit privilege_escalation

windows11-21h2-x64

21 signatures

1200 seconds

Malware Config

Targets

- Target
  
  https://github.com/tsgrgo/windows-update-disabler/archive/refs/heads/main.zip
Score

10^/10

defense_evasion discovery evasion execution exploit privilege_escalation
- Disables service(s)
  evasion execution
- Possible privilege escalation attempt
  exploit
- Executes dropped EXE
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

Service Execution

Command and Scripting Interpreter

PowerShell

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Access Token Manipulation

Create Process with Token

Defense Evasion

File and Directory Permissions Modification

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Resource Development

Reconnaissance

Tasks

static1

urlscan1

behavioral1

defense_evasiondiscoveryevasionexecutionexploitprivilege_escalation

© 2018-2024

Terms | Privacy