a93b48b98f7fcfcc05240187ef098cdb33b8905cebb50386f56a68f5cc08edc7 | Triage

Sharing

General

Target

5b9fee8a999bd50608b7204a499770f8070bec7af20b3607af29ff3ed768639c.bin.sample.gz
Size

75KB
Sample

210820-plsbv5gf9x
MD5

7fe88a09b5f086e6a38608367190e924
SHA1

0f51f0894dcdd0c10f00c7ecd7e5cc964e453408
SHA256

a93b48b98f7fcfcc05240187ef098cdb33b8905cebb50386f56a68f5cc08edc7
SHA512

96df64c3b6052ce0db8ffb8f8c6c6354a1b1e58e7ee8f4cf08a47cfed8641cbb03660d9aa64d9f07b8d22b73ee6e3c48b6cd59b280a5b5109510b0314862cb21

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  sample
- Size
  
  158KB
- MD5
  
  56f67d720e83f2cff38f2ea1d9c8f9ff
- SHA1
  
  9c9cd7cd4fef7452eed6c4aba14ead4c389a8d78
- SHA256
  
  5b9fee8a999bd50608b7204a499770f8070bec7af20b3607af29ff3ed768639c
- SHA512
  
  527623d086597f54691e624a6c91fbe86958a78738c507b9c0097337262bb72a728a75f828dd173d2b9ea7861c5968232dc7e5d36a83d4ee3d7b5bbf42a79e3f
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan