59ad3ea226f098ca0ce2ba19bab2bccf446743277184b852bf4670e3f872e80c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59ad3ea226f098ca0ce2ba19bab2bccf446743277184b852bf4670e3f872e80c
Size

380KB
Sample

220918-3vfa9abdgq
MD5

92546b6b12ec891ba0c5e5a0c15409c9
SHA1

7b57b87d4c17936cad48933c37ad82c95866eb8e
SHA256

59ad3ea226f098ca0ce2ba19bab2bccf446743277184b852bf4670e3f872e80c
SHA512

0b903b63911ec5da001dada53eb20f0ec0307a9d6826d7b711c54ac5990949db4909da496120621b3547064f59f0df1ec3e20c26a2278db997e2ab6f27ffbf56
SSDEEP

6144:goOfu7ECLZZEovBNpbrynlIJH3PV50EbmjbVnYzQQzCGumAS0SKV3R1/0pW:rOG7EC9GepbM439DGVnYUQeGue0SqhdD

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  59ad3ea226f098ca0ce2ba19bab2bccf446743277184b852bf4670e3f872e80c
- Size
  
  380KB
- MD5
  
  92546b6b12ec891ba0c5e5a0c15409c9
- SHA1
  
  7b57b87d4c17936cad48933c37ad82c95866eb8e
- SHA256
  
  59ad3ea226f098ca0ce2ba19bab2bccf446743277184b852bf4670e3f872e80c
- SHA512
  
  0b903b63911ec5da001dada53eb20f0ec0307a9d6826d7b711c54ac5990949db4909da496120621b3547064f59f0df1ec3e20c26a2278db997e2ab6f27ffbf56
- SSDEEP
  
  6144:goOfu7ECLZZEovBNpbrynlIJH3PV50EbmjbVnYzQQzCGumAS0SKV3R1/0pW:rOG7EC9GepbM439DGVnYUQeGue0SqhdD
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2