29b1cf97d4c89bf83d4dd4f1447c3c36935ce2ec3e05ca56d47c9f3e2e581909 | Triage

Sharing

General

Target

29b1cf97d4c89bf83d4dd4f1447c3c36935ce2ec3e05ca56d47c9f3e2e581909
Size

187KB
Sample

220615-qrwgvagffl
MD5

247209d2f18ecdefb4d7878d989fb6c7
SHA1

bb5319e0cb0088cbafe8b838a140b9f9c497adbe
SHA256

29b1cf97d4c89bf83d4dd4f1447c3c36935ce2ec3e05ca56d47c9f3e2e581909
SHA512

9526e76458717c39453a700e2ec14c5748876cc7a1d62c5546923591be7123a2c36111bfda6bceda0473dfe41b0c787e70aa65641d5f165bd8accaeb3b835dc1

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  29b1cf97d4c89bf83d4dd4f1447c3c36935ce2ec3e05ca56d47c9f3e2e581909
- Size
  
  187KB
- MD5
  
  247209d2f18ecdefb4d7878d989fb6c7
- SHA1
  
  bb5319e0cb0088cbafe8b838a140b9f9c497adbe
- SHA256
  
  29b1cf97d4c89bf83d4dd4f1447c3c36935ce2ec3e05ca56d47c9f3e2e581909
- SHA512
  
  9526e76458717c39453a700e2ec14c5748876cc7a1d62c5546923591be7123a2c36111bfda6bceda0473dfe41b0c787e70aa65641d5f165bd8accaeb3b835dc1
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2