a4cfa305e2b7afc6e6f99286b061ba03a1db0845400b015ed828b0a47bfb5f94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4cfa305e2b7afc6e6f99286b061ba03a1db0845400b015ed828b0a47bfb5f94
Size

604KB
Sample

221002-pv6asafce2
MD5

6f2cbb2f56f855105a761158b83feae0
SHA1

7af6d968f1804298400cd24a408fe9e225dcc644
SHA256

a4cfa305e2b7afc6e6f99286b061ba03a1db0845400b015ed828b0a47bfb5f94
SHA512

af398dcd7ec616f40cc1cac4d55c22cb019f0670356d38e15f7c741f9ec65272a55069689e26957b0f9534b0f310bd2b48ffc3a1cd78493fe2b6ef9d8228024c
SSDEEP

12288:sju/qs4v8v5WKuSMsNl06MEla0oq4oqjdzYsf:sjuhNIKu0lpHkZYg

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a4cfa305e2b7afc6e6f99286b061ba03a1db0845400b015ed828b0a47bfb5f94
- Size
  
  604KB
- MD5
  
  6f2cbb2f56f855105a761158b83feae0
- SHA1
  
  7af6d968f1804298400cd24a408fe9e225dcc644
- SHA256
  
  a4cfa305e2b7afc6e6f99286b061ba03a1db0845400b015ed828b0a47bfb5f94
- SHA512
  
  af398dcd7ec616f40cc1cac4d55c22cb019f0670356d38e15f7c741f9ec65272a55069689e26957b0f9534b0f310bd2b48ffc3a1cd78493fe2b6ef9d8228024c
- SSDEEP
  
  12288:sju/qs4v8v5WKuSMsNl06MEla0oq4oqjdzYsf:sjuhNIKu0lpHkZYg
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan