14007fd206b747305392b9f8712afab5dd14b2efe4e62a0e26a4e8df6933fd67 | Triage

Sharing

General

Target

14007fd206b747305392b9f8712afab5dd14b2efe4e62a0e26a4e8df6933fd67.bin
Size

257KB
Sample

210225-82lyzzn9pj
MD5

f56e80ea9e01670963449ac451af7510
SHA1

7bf3a3bda2c0d6ef24dabd49c18d6da70957517f
SHA256

14007fd206b747305392b9f8712afab5dd14b2efe4e62a0e26a4e8df6933fd67
SHA512

53200aef8c9635c1069e0d364404172c52e1a6e9a6185c61b383e94dcf761e8ded5663982cf67d768c87879346862b07e0d7a7161b442e5b3234b553543067ab

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  14007fd206b747305392b9f8712afab5dd14b2efe4e62a0e26a4e8df6933fd67.bin
- Size
  
  257KB
- MD5
  
  f56e80ea9e01670963449ac451af7510
- SHA1
  
  7bf3a3bda2c0d6ef24dabd49c18d6da70957517f
- SHA256
  
  14007fd206b747305392b9f8712afab5dd14b2efe4e62a0e26a4e8df6933fd67
- SHA512
  
  53200aef8c9635c1069e0d364404172c52e1a6e9a6185c61b383e94dcf761e8ded5663982cf67d768c87879346862b07e0d7a7161b442e5b3234b553543067ab
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Modifies security service
  evasion
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Bypass User Account Control

Scheduled Task

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan