2e52a75a5e392936e44c05e6807054f8af35c18c1328511309515f07d7b3b493 | Triage

Sharing

General

Target

2e52a75a5e392936e44c05e6807054f8af35c18c1328511309515f07d7b3b493
Size

388KB
Sample

220919-al4m9scchr
MD5

06f6af66117fc1e8dba04c463e2c26de
SHA1

c0587a3dc450fcf0b18410393e6df39959871225
SHA256

2e52a75a5e392936e44c05e6807054f8af35c18c1328511309515f07d7b3b493
SHA512

0646306cc83bb5643d4c453e4b5c52dd9e975a5b366b9e1b0548cd88058c970546a3052a6581c69ce46dd1dd6d99fd26d7ccc24a4535755ab17abfd8b7cc3796
SSDEEP

6144:xLfiXmF/gL6nBCP4xYlY6sUGHo4Kr+zT0dieCgdfSXC72gWHswakM/:x7/VgWnBCPflsKr+z2j2gWMw

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  2e52a75a5e392936e44c05e6807054f8af35c18c1328511309515f07d7b3b493
- Size
  
  388KB
- MD5
  
  06f6af66117fc1e8dba04c463e2c26de
- SHA1
  
  c0587a3dc450fcf0b18410393e6df39959871225
- SHA256
  
  2e52a75a5e392936e44c05e6807054f8af35c18c1328511309515f07d7b3b493
- SHA512
  
  0646306cc83bb5643d4c453e4b5c52dd9e975a5b366b9e1b0548cd88058c970546a3052a6581c69ce46dd1dd6d99fd26d7ccc24a4535755ab17abfd8b7cc3796
- SSDEEP
  
  6144:xLfiXmF/gL6nBCP4xYlY6sUGHo4Kr+zT0dieCgdfSXC72gWHswakM/:x7/VgWnBCPflsKr+z2j2gWMw
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2