8c0667e5df44f330bac5c0196d320b963b37d1c8886361e1ddaee74460af88e2 | Triage

Sharing

General

Target

8c0667e5df44f330bac5c0196d320b963b37d1c8886361e1ddaee74460af88e2
Size

325KB
Sample

220918-3vmqbsfeh9
MD5

b46240feaf478632148c48805adc0750
SHA1

3dca6c3e74897e7f0af20957b81f59ab0c83dd74
SHA256

8c0667e5df44f330bac5c0196d320b963b37d1c8886361e1ddaee74460af88e2
SHA512

15b4922d6ddeea40626bc59e4ff5626c8b03522673a7131f6aad6f7a37976ad5d06875d3d33015d12ecbff66043e5f1e5c07f05ecf73159b9999f27111b3c4bc
SSDEEP

6144:bgpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:bgP/IXRIGdMNkiIEJnXWzbUVtWctDpv

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  8c0667e5df44f330bac5c0196d320b963b37d1c8886361e1ddaee74460af88e2
- Size
  
  325KB
- MD5
  
  b46240feaf478632148c48805adc0750
- SHA1
  
  3dca6c3e74897e7f0af20957b81f59ab0c83dd74
- SHA256
  
  8c0667e5df44f330bac5c0196d320b963b37d1c8886361e1ddaee74460af88e2
- SHA512
  
  15b4922d6ddeea40626bc59e4ff5626c8b03522673a7131f6aad6f7a37976ad5d06875d3d33015d12ecbff66043e5f1e5c07f05ecf73159b9999f27111b3c4bc
- SSDEEP
  
  6144:bgpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:bgP/IXRIGdMNkiIEJnXWzbUVtWctDpv
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2