ffc5f92287636bef238589d5dff11290f1e723d6d463ddc139e00016fb5c3e4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffc5f92287636bef238589d5dff11290f1e723d6d463ddc139e00016fb5c3e4b
Size

393KB
Sample

221011-td2y9acfd6
MD5

192990cdfb7114e2f7a8692a86f0550b
SHA1

1619e84fdeae62ec5d188a5ad99bd2e2d90b18c8
SHA256

ffc5f92287636bef238589d5dff11290f1e723d6d463ddc139e00016fb5c3e4b
SHA512

6d832b4b0b2f027ed46ac2c0b36a6932d353b8c4661a652bc82f9d814ce2b9cf832c04bbe709d8e8a8be1e94c378dc70f571559a13fe9cabab4e302a7b39eac5
SSDEEP

12288:kyJY9pdmxwRWwcVGzWd0f6nZU4hZo8ydktttttttttttttDDPPvd:kyJOfWwWGzUrbOYD3vd

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ffc5f92287636bef238589d5dff11290f1e723d6d463ddc139e00016fb5c3e4b
- Size
  
  393KB
- MD5
  
  192990cdfb7114e2f7a8692a86f0550b
- SHA1
  
  1619e84fdeae62ec5d188a5ad99bd2e2d90b18c8
- SHA256
  
  ffc5f92287636bef238589d5dff11290f1e723d6d463ddc139e00016fb5c3e4b
- SHA512
  
  6d832b4b0b2f027ed46ac2c0b36a6932d353b8c4661a652bc82f9d814ce2b9cf832c04bbe709d8e8a8be1e94c378dc70f571559a13fe9cabab4e302a7b39eac5
- SSDEEP
  
  12288:kyJY9pdmxwRWwcVGzWd0f6nZU4hZo8ydktttttttttttttDDPPvd:kyJOfWwWGzUrbOYD3vd
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2