c7fa99cc822d14f4a2318c8eef415641e4102ff065db971da00cfce9f540568e | Triage

Sharing

General

Target

c7fa99cc822d14f4a2318c8eef415641e4102ff065db971da00cfce9f540568e
Size

16KB
Sample

220926-r127esbba2
MD5

29654495a634f6b8933c6de727b4a453
SHA1

9d7ca7d7765f9780b513e982c83cbb3ad0ac3e53
SHA256

c7fa99cc822d14f4a2318c8eef415641e4102ff065db971da00cfce9f540568e
SHA512

2fbed83cd5351dc89b0e94825a49a452e55e60891708eaeda7a2bc6233ad077598ef9dabf0da6723cbb3af2e51382f89c1b0bd573f5d3c32f272c69f9a96f317
SSDEEP

384:iyHMfts7cLUpidh7RAhk6Rp9+KgUjjYw4xZkicDx:RHMGjUtDo964jYw4Y1

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  ÿոdocx.exe
- Size
  
  56KB
- MD5
  
  53bd8b97c02d09b92f8508108e788e4e
- SHA1
  
  1c0c87df4e56d667047e51838b57ed0f792608d8
- SHA256
  
  889ec7d82299313b7665d062df39c1158361308582fed001661fc469347ceefa
- SHA512
  
  198471e3eb1a8c89da9b8401b3316fe4f60eb454e573bdc665cf0668fa3035d14a3ef0ee7915b073fe1bdd6892ac635a3fe55ce96b38ebbe9cff8ebe3d76962c
- SSDEEP
  
  768:0MTeJfcWsPRIOKcGlO/qR13Clrs8qj2DGI2:07JNmRbWMkYsADF
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2