1f3baba653331feaa2b327988f63ab12d16d9b9763b23f39eab9d7043324ff6c | Triage

Sharing

General

Target

1f3baba653331feaa2b327988f63ab12d16d9b9763b23f39eab9d7043324ff6c
Size

420KB
Sample

221003-bxxvjaccbl
MD5

04ccf8a85a7dae257bb92182394ca232
SHA1

3da78d275cb32653b86daea4a3a4d119ce2afbd1
SHA256

1f3baba653331feaa2b327988f63ab12d16d9b9763b23f39eab9d7043324ff6c
SHA512

18e5ae73288a02488a24508b5fbe29929db3b1dc41a80f03457d07906cdaae3aa59be45ac7fd62c625e733abc48b0e084d218ceaf7737f6e5ed0cfc068332c67
SSDEEP

12288:hskn7000A/r793e8Uya0oi9YPatYMRgCNZ:hD77D79yynoIYStfRB

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1f3baba653331feaa2b327988f63ab12d16d9b9763b23f39eab9d7043324ff6c
- Size
  
  420KB
- MD5
  
  04ccf8a85a7dae257bb92182394ca232
- SHA1
  
  3da78d275cb32653b86daea4a3a4d119ce2afbd1
- SHA256
  
  1f3baba653331feaa2b327988f63ab12d16d9b9763b23f39eab9d7043324ff6c
- SHA512
  
  18e5ae73288a02488a24508b5fbe29929db3b1dc41a80f03457d07906cdaae3aa59be45ac7fd62c625e733abc48b0e084d218ceaf7737f6e5ed0cfc068332c67
- SSDEEP
  
  12288:hskn7000A/r793e8Uya0oi9YPatYMRgCNZ:hD77D79yynoIYStfRB
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2