ac7b3c1318b46a1ca03ac49358bf3942d906cbad024b33b5af8845e581e4b921 | Triage

Sharing

General

Target

ac7b3c1318b46a1ca03ac49358bf3942d906cbad024b33b5af8845e581e4b921
Size

404KB
Sample

220918-3pg8nafcf2
MD5

44ef98556c9befbb83b6e0db61800fe5
SHA1

0e0d3e8926c6dc3b3d4d209fd2365cfd13abcb76
SHA256

ac7b3c1318b46a1ca03ac49358bf3942d906cbad024b33b5af8845e581e4b921
SHA512

aec23ab97318c94957c8ca2a76fdbb39ce83b484ddb07f78403a540f8c24dd2640bb1db289650f4b885778441131db8e128c6692fff6742cd303e95c96c4ec69
SSDEEP

12288:a25YdVSH8j2DV4sQNUtLFSYKjWK8Oe70EewZS2:nZfZ4HUtLUY6WKu70Eews

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ac7b3c1318b46a1ca03ac49358bf3942d906cbad024b33b5af8845e581e4b921
- Size
  
  404KB
- MD5
  
  44ef98556c9befbb83b6e0db61800fe5
- SHA1
  
  0e0d3e8926c6dc3b3d4d209fd2365cfd13abcb76
- SHA256
  
  ac7b3c1318b46a1ca03ac49358bf3942d906cbad024b33b5af8845e581e4b921
- SHA512
  
  aec23ab97318c94957c8ca2a76fdbb39ce83b484ddb07f78403a540f8c24dd2640bb1db289650f4b885778441131db8e128c6692fff6742cd303e95c96c4ec69
- SSDEEP
  
  12288:a25YdVSH8j2DV4sQNUtLFSYKjWK8Oe70EewZS2:nZfZ4HUtLUY6WKu70Eews
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2