6cb85e7b6966619b4069d83a310f96db079338071aa1bee033be227afc1811c8 | Triage

Sharing

General

Target

6cb85e7b6966619b4069d83a310f96db079338071aa1bee033be227afc1811c8
Size

368KB
Sample

220918-31pf4sbgap
MD5

1cee127386a92d8c1e26170ec4dd9ecf
SHA1

a5dd14b18e3b21bd190b5df6951d507856392b8f
SHA256

6cb85e7b6966619b4069d83a310f96db079338071aa1bee033be227afc1811c8
SHA512

14b796692ca7c79b8d2ce6e8b82e70b9376d7f54b09355ff8fd3e4e8a07846c8970a2a380027b3be4bd6f9bbad15f4712027445fae635ad30fd7ab06843702a8
SSDEEP

6144:UG4RMyhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:UVRMMrpDneFNzino7IUHybPzQjUeX

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  6cb85e7b6966619b4069d83a310f96db079338071aa1bee033be227afc1811c8
- Size
  
  368KB
- MD5
  
  1cee127386a92d8c1e26170ec4dd9ecf
- SHA1
  
  a5dd14b18e3b21bd190b5df6951d507856392b8f
- SHA256
  
  6cb85e7b6966619b4069d83a310f96db079338071aa1bee033be227afc1811c8
- SHA512
  
  14b796692ca7c79b8d2ce6e8b82e70b9376d7f54b09355ff8fd3e4e8a07846c8970a2a380027b3be4bd6f9bbad15f4712027445fae635ad30fd7ab06843702a8
- SSDEEP
  
  6144:UG4RMyhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:UVRMMrpDneFNzino7IUHybPzQjUeX
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2