6485af5032466d4171f7b8dc6e819a9638b3845ace73309681f4763ae3430a3a | Triage

Sharing

General

Target

HEUR-Trojan.MSIL.Diztakun.gen-6485af5032466d4171f7b8dc6e819a9638b3845ace73309681f4763ae3430a3a.exe
Size

173KB
Sample

220924-lm7l4accer
MD5

74b94b14668ea1070980d221c963c628
SHA1

61a0fdc4418c0812c7c660d7e0abde02d6ea178b
SHA256

6485af5032466d4171f7b8dc6e819a9638b3845ace73309681f4763ae3430a3a
SHA512

7de3d821b8928d9ce56e27aff56df6c1d452f51bf64c8da9cd18f25912529a971792690271c375b67acaf19b2f2866f92f6b5085c5ad408257c79cf30f785407
SSDEEP

1536:MougyGBWoV5vNX+sfrPrfDAN/f+x8mOqGL63X5aUV1nt0PcPW8ih+wVcl:NyGs0RFfjrfDE/Gx8mOYn5aUVE84+qY

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  HEUR-Trojan.MSIL.Diztakun.gen-6485af5032466d4171f7b8dc6e819a9638b3845ace73309681f4763ae3430a3a.exe
- Size
  
  173KB
- MD5
  
  74b94b14668ea1070980d221c963c628
- SHA1
  
  61a0fdc4418c0812c7c660d7e0abde02d6ea178b
- SHA256
  
  6485af5032466d4171f7b8dc6e819a9638b3845ace73309681f4763ae3430a3a
- SHA512
  
  7de3d821b8928d9ce56e27aff56df6c1d452f51bf64c8da9cd18f25912529a971792690271c375b67acaf19b2f2866f92f6b5085c5ad408257c79cf30f785407
- SSDEEP
  
  1536:MougyGBWoV5vNX+sfrPrfDAN/f+x8mOqGL63X5aUV1nt0PcPW8ih+wVcl:NyGs0RFfjrfDE/Gx8mOYn5aUVE84+qY
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan