86b70df30c283f3d35365699f0061e2db28b883aaae493dafce122fdcdfadb06 | Triage

Sharing

General

Target

86b70df30c283f3d35365699f0061e2db28b883aaae493dafce122fdcdfadb06
Size

7.1MB
Sample

220921-mrlqvsgbd2
MD5

32bdaa7e33fa1d6120549cfac054d06b
SHA1

f579172541393ac9f91cf953651e669984d34698
SHA256

86b70df30c283f3d35365699f0061e2db28b883aaae493dafce122fdcdfadb06
SHA512

1a3fad8c0fd6bebd0f2a7c29fb5e1f01042a736a37dd50cda0e428d5d9b7d6074fa903186b6064d55fb4df71764aac7402c2f3ab46df979e111ea66050af0836
SSDEEP

24576:7mcnH5tkoxFAiKfOLvsyQStlCk6bTTNLp1+Qa0h:7RnHA8Aqag4k8pF

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  86b70df30c283f3d35365699f0061e2db28b883aaae493dafce122fdcdfadb06
- Size
  
  7.1MB
- MD5
  
  32bdaa7e33fa1d6120549cfac054d06b
- SHA1
  
  f579172541393ac9f91cf953651e669984d34698
- SHA256
  
  86b70df30c283f3d35365699f0061e2db28b883aaae493dafce122fdcdfadb06
- SHA512
  
  1a3fad8c0fd6bebd0f2a7c29fb5e1f01042a736a37dd50cda0e428d5d9b7d6074fa903186b6064d55fb4df71764aac7402c2f3ab46df979e111ea66050af0836
- SSDEEP
  
  24576:7mcnH5tkoxFAiKfOLvsyQStlCk6bTTNLp1+Qa0h:7RnHA8Aqag4k8pF
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistencetrojan