2cddaf72836e3784c49223d6da3d21fb838fef1dda74b874ac0c28fcc3bd18ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cddaf72836e3784c49223d6da3d21fb838fef1dda74b874ac0c28fcc3bd18ed
Size

456KB
Sample

220919-aa84lsfhf9
MD5

77e969410071c1aa607671a971eea560
SHA1

93c2347d2d51759d3444be3070ace6d0437d81b3
SHA256

2cddaf72836e3784c49223d6da3d21fb838fef1dda74b874ac0c28fcc3bd18ed
SHA512

02d9b18ab2bde3a9e3e4ac3beafbc8cb5b8e284b44dac4afdb399c3fc029634489a6c1080174951f4345c6e586cf07795b5e4c60a3b3f9ca3e66da194aab685f
SSDEEP

12288:QgR3CljSRXPnPzHLOX5ABBEzIn3kbXwAbNyMorVy7D:NR3Cx+Xf3TBEzI3kbXBKrc

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  2cddaf72836e3784c49223d6da3d21fb838fef1dda74b874ac0c28fcc3bd18ed
- Size
  
  456KB
- MD5
  
  77e969410071c1aa607671a971eea560
- SHA1
  
  93c2347d2d51759d3444be3070ace6d0437d81b3
- SHA256
  
  2cddaf72836e3784c49223d6da3d21fb838fef1dda74b874ac0c28fcc3bd18ed
- SHA512
  
  02d9b18ab2bde3a9e3e4ac3beafbc8cb5b8e284b44dac4afdb399c3fc029634489a6c1080174951f4345c6e586cf07795b5e4c60a3b3f9ca3e66da194aab685f
- SSDEEP
  
  12288:QgR3CljSRXPnPzHLOX5ABBEzIn3kbXwAbNyMorVy7D:NR3Cx+Xf3TBEzI3kbXBKrc
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2