c15a76e6023a05abd0237937cad3353bc104e97ee19d2fbcd475e1721b330c50 | Triage

Submit
Reports

Overview

overview

Static

static

believehot23 cccc.exe

windows7_x64

believehot23 cccc.exe

windows10_x64

Sharing

General

Target

believehot23 cccc.exe
Size

21KB
Sample

210226-8kej3f6sq6
MD5

60c08a798dfec76af8ebab5b019faffc
SHA1

33ae9c59bfe576e3ff1318d764fdbda05dfa26e2
SHA256

c15a76e6023a05abd0237937cad3353bc104e97ee19d2fbcd475e1721b330c50
SHA512

3de451f1903ff7d5cbe11c557d37b74852dbad3d59648b56f4dc447875859dd57d8391e0b9fe98a3c83a9e130c2089dabead0c15c5d6dcce4e3a47f944142898

Score

10^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

believehot23 cccc.exe

Resource

win7v20201028

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

believehot23 cccc.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  believehot23 cccc.exe
- Size
  
  21KB
- MD5
  
  60c08a798dfec76af8ebab5b019faffc
- SHA1
  
  33ae9c59bfe576e3ff1318d764fdbda05dfa26e2
- SHA256
  
  c15a76e6023a05abd0237937cad3353bc104e97ee19d2fbcd475e1721b330c50
- SHA512
  
  3de451f1903ff7d5cbe11c557d37b74852dbad3d59648b56f4dc447875859dd57d8391e0b9fe98a3c83a9e130c2089dabead0c15c5d6dcce4e3a47f944142898
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Turns off Windows Defender SpyNet reporting
  evasion
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Nirsoft
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy