25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e | Triage

Submit
Reports

Overview

overview

Static

static

dd1aa660f2...6c.exe

windows7_x64

dd1aa660f2...6c.exe

windows10_x64

Sharing

General

Target

dd1aa660f2f24368dd58c5ce7a709b6c
Size

818KB
Sample

201109-g4tq7xt3d6
MD5

dd1aa660f2f24368dd58c5ce7a709b6c
SHA1

a54d435a04d3e883b1773d1c8d439dc95628fa07
SHA256

25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e
SHA512

a86738a5fd7915f3fbd9ddc8b5c3e01a936074749b7e8d14ceb91defef6657b5e5c1fc76fc6461b86424add2099c14b90c88b7b84de53928404562f2148b16b5

Score

10^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

dd1aa660f2f24368dd58c5ce7a709b6c.exe

Resource

win7v20201028

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dd1aa660f2f24368dd58c5ce7a709b6c.exe

Resource

win10v20201028

evasion persistence trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  dd1aa660f2f24368dd58c5ce7a709b6c
- Size
  
  818KB
- MD5
  
  dd1aa660f2f24368dd58c5ce7a709b6c
- SHA1
  
  a54d435a04d3e883b1773d1c8d439dc95628fa07
- SHA256
  
  25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e
- SHA512
  
  a86738a5fd7915f3fbd9ddc8b5c3e01a936074749b7e8d14ceb91defef6657b5e5c1fc76fc6461b86424add2099c14b90c88b7b84de53928404562f2148b16b5
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security bypass
  evasion trojan
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy