4a1ef71dab5cde1608895bc66913f5c6e5567af96823b572050ed49b1152fa99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a1ef71dab5cde1608895bc66913f5c6e5567af96823b572050ed49b1152fa99
Size

384KB
Sample

220918-3nljpafcb4
MD5

1bf689d0b79241a9e8115c246201f495
SHA1

0628ff061908ebd5feaed14ba347ab42cb381474
SHA256

4a1ef71dab5cde1608895bc66913f5c6e5567af96823b572050ed49b1152fa99
SHA512

21f30c6647636f68acb0f7ec612eb127e90c0276bf0aa925f3075ef255cd258763e318769034c7d0296d8911802c482b18d455e6ecf43a71048323b1a9a3e2ca
SSDEEP

6144:MptuVyRv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808R:BeR5GdCs0O1BkBqwtjFc0fTjZOT59ozj

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  4a1ef71dab5cde1608895bc66913f5c6e5567af96823b572050ed49b1152fa99
- Size
  
  384KB
- MD5
  
  1bf689d0b79241a9e8115c246201f495
- SHA1
  
  0628ff061908ebd5feaed14ba347ab42cb381474
- SHA256
  
  4a1ef71dab5cde1608895bc66913f5c6e5567af96823b572050ed49b1152fa99
- SHA512
  
  21f30c6647636f68acb0f7ec612eb127e90c0276bf0aa925f3075ef255cd258763e318769034c7d0296d8911802c482b18d455e6ecf43a71048323b1a9a3e2ca
- SSDEEP
  
  6144:MptuVyRv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808R:BeR5GdCs0O1BkBqwtjFc0fTjZOT59ozj
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2