fa18d2a83fba7fff81ff840a625522c79b123147ea7fd4ce76d86cd6b59f0df7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa18d2a83fba7fff81ff840a625522c79b123147ea7fd4ce76d86cd6b59f0df7
Size

1.1MB
Sample

221011-vxnfmsfedr
MD5

76129308241ae5ac4d200214b352f7d0
SHA1

ff30e79e82082092ae9a174d0682e60bf30f3fb6
SHA256

fa18d2a83fba7fff81ff840a625522c79b123147ea7fd4ce76d86cd6b59f0df7
SHA512

ccb274f735b3e022dc6fc7c4660b9bdd495cc90526673f5a4d0dda71beadd764a7626e45499fb1815fd759d25b8389a5092b680fe019011a37461838de5def2b
SSDEEP

24576:YR/cLzx3RgD5mXegr4R0ejdwFTP2hTfqYT1+jM34mPL/fiWMtdsPg:e/c53RgD5mOdRTOShTfq4/34OniWMt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  fa18d2a83fba7fff81ff840a625522c79b123147ea7fd4ce76d86cd6b59f0df7
- Size
  
  1.1MB
- MD5
  
  76129308241ae5ac4d200214b352f7d0
- SHA1
  
  ff30e79e82082092ae9a174d0682e60bf30f3fb6
- SHA256
  
  fa18d2a83fba7fff81ff840a625522c79b123147ea7fd4ce76d86cd6b59f0df7
- SHA512
  
  ccb274f735b3e022dc6fc7c4660b9bdd495cc90526673f5a4d0dda71beadd764a7626e45499fb1815fd759d25b8389a5092b680fe019011a37461838de5def2b
- SSDEEP
  
  24576:YR/cLzx3RgD5mXegr4R0ejdwFTP2hTfqYT1+jM34mPL/fiWMtdsPg:e/c53RgD5mOdRTOShTfq4/34OniWMt
Score

10^/10

evasion trojan
- Windows security bypass
  evasion trojan
- Drops file in Drivers directory
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2