a5e135ad7efb64746051b69e0da4c4ad47f49718feca56adeada8aef1fcc2806 | Triage

Sharing

General

Target

a5e135ad7efb64746051b69e0da4c4ad47f49718feca56adeada8aef1fcc2806
Size

384KB
Sample

220918-3whsrsbebq
MD5

c6e610614085e3b96412df41235af1b5
SHA1

a4e38a183f12674898a9429dc103ce4ce4e3b222
SHA256

a5e135ad7efb64746051b69e0da4c4ad47f49718feca56adeada8aef1fcc2806
SHA512

0727135c79b973aacd200a1f156d235a1f56ae6fe9dc6898067bd1566ec01649f66b021052bc4a4b04b097a152ea16446bcd34af94012b190da90e540b17159c
SSDEEP

6144:rEojoK+xjjOMUETS9CbF+IaU/oBWg9/VfKOsyiNEt9mjYlRwxJLVX9iRm:rEo4eC9aU/X0Vi3NEvlRAX8o

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a5e135ad7efb64746051b69e0da4c4ad47f49718feca56adeada8aef1fcc2806
- Size
  
  384KB
- MD5
  
  c6e610614085e3b96412df41235af1b5
- SHA1
  
  a4e38a183f12674898a9429dc103ce4ce4e3b222
- SHA256
  
  a5e135ad7efb64746051b69e0da4c4ad47f49718feca56adeada8aef1fcc2806
- SHA512
  
  0727135c79b973aacd200a1f156d235a1f56ae6fe9dc6898067bd1566ec01649f66b021052bc4a4b04b097a152ea16446bcd34af94012b190da90e540b17159c
- SSDEEP
  
  6144:rEojoK+xjjOMUETS9CbF+IaU/oBWg9/VfKOsyiNEt9mjYlRwxJLVX9iRm:rEo4eC9aU/X0Vi3NEvlRAX8o
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2