95c779062195047f526ccbb95e686e7915ed487f762d87c4ba6230b82b54a31f | Triage

Sharing

General

Target

95c779062195047f526ccbb95e686e7915ed487f762d87c4ba6230b82b54a31f
Size

385KB
Sample

221019-14648aagb8
MD5

91b4b288bf8c8e950de99e06a0c03fb0
SHA1

2d47846b5fa029c92082c55e2c6a3489048fc3ec
SHA256

95c779062195047f526ccbb95e686e7915ed487f762d87c4ba6230b82b54a31f
SHA512

2600283fd781e52a53ff920931d5cbd456edc3a9f2d13c90a52c2bad30f6d4b14d904d0fbaf0a0437c8e2fb42f8cad010973b83928096e062318b9baa2cc0b20
SSDEEP

12288:LE4Skfuk5k9820R9Hf9Bkd/iIg4qOQviUynbFI:LE4lbW82wF2Bi/9NObFI

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  95c779062195047f526ccbb95e686e7915ed487f762d87c4ba6230b82b54a31f
- Size
  
  385KB
- MD5
  
  91b4b288bf8c8e950de99e06a0c03fb0
- SHA1
  
  2d47846b5fa029c92082c55e2c6a3489048fc3ec
- SHA256
  
  95c779062195047f526ccbb95e686e7915ed487f762d87c4ba6230b82b54a31f
- SHA512
  
  2600283fd781e52a53ff920931d5cbd456edc3a9f2d13c90a52c2bad30f6d4b14d904d0fbaf0a0437c8e2fb42f8cad010973b83928096e062318b9baa2cc0b20
- SSDEEP
  
  12288:LE4Skfuk5k9820R9Hf9Bkd/iIg4qOQviUynbFI:LE4lbW82wF2Bi/9NObFI
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2