2017-10-30 Generic Infostealer Malware Using UAC Bypass

A quick write-up on a generic infostealer that also uses a UAC bypass technique. I could not find much about this malware outside that it was a generic information stealing malware. For some interesting reading on how to bypass UAC within Windows, please see the following links: https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/ https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/ https://isc.sans.edu/forums/diary/Malicious+Office+files+using+fileless+UAC+bypass+to+drop+KEYBASE+malware/22011/…

Continue reading