67f0cd25528f378ab2c18b1397de0627f14ca17ae15439d99873d6cb79cc5727 | Triage

Submit
Reports

Overview

overview

Static

static

TT.exe

windows7_x64

TT.exe

windows10_x64

Sharing

General

Target

TT.7z
Size

12KB
Sample

210225-zb1hwdxytn
MD5

5821164a2546ebe30941ac84cba1ca9e
SHA1

d0c9767a6ef183553b92bea3f77f693ac635697c
SHA256

67f0cd25528f378ab2c18b1397de0627f14ca17ae15439d99873d6cb79cc5727
SHA512

036ba44770c1effe5deb6febefd0966d807b4e29fad9b5abc3a586b3d7b186df3be484b6f1bd790609985579e5b5987bdd5af5f78b63490156b0784b3898b857

Score

10^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

TT.exe

Resource

win7v20201028

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

TT.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  TT.exe
- Size
  
  24KB
- MD5
  
  31823aba37e4612f84e00a36615982d2
- SHA1
  
  9d3d1aac3aa20fcba8e62316c7202226325c7601
- SHA256
  
  abec75c995b6bac05ca3aa49002dedb12a4fc7194e93f814f3edbb996d9cfa7a
- SHA512
  
  06dfc45e33b2f90437711ede586412dba3838f2f9b79020d8846a11838879f418a9089d2d555cd8772895f9ff446f3a015d9c279ae5b5f0e28402373e229959f
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Turns off Windows Defender SpyNet reporting
  evasion
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Nirsoft
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy