817e0853509519f1de833ffc8f2b0e4e6a10e03901064e15192ce40c45fdd6a9 | Triage

Sharing

General

Target

817e0853509519f1de833ffc8f2b0e4e6a10e03901064e15192ce40c45fdd6a9
Size

96KB
Sample

221020-ldkqzafdbr
MD5

808e61d425cd4054b70ff959f9448e14
SHA1

bd709b9d5f74905b3e4c954c15ec03409aa210f5
SHA256

817e0853509519f1de833ffc8f2b0e4e6a10e03901064e15192ce40c45fdd6a9
SHA512

7594a757498dc809b8e0d43be5e51140d4989a11c808eb643fa19e3315072e1a5c7f803402f3770049e74b9c45ae5eeaf1c85201d4245c9e5752a2c765b685cc
SSDEEP

1536:Ei6PWf+maZbXvlpyIfzzRBBzBd98mDuh:b/f+maZzlp/f3FzDy7h

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  817e0853509519f1de833ffc8f2b0e4e6a10e03901064e15192ce40c45fdd6a9
- Size
  
  96KB
- MD5
  
  808e61d425cd4054b70ff959f9448e14
- SHA1
  
  bd709b9d5f74905b3e4c954c15ec03409aa210f5
- SHA256
  
  817e0853509519f1de833ffc8f2b0e4e6a10e03901064e15192ce40c45fdd6a9
- SHA512
  
  7594a757498dc809b8e0d43be5e51140d4989a11c808eb643fa19e3315072e1a5c7f803402f3770049e74b9c45ae5eeaf1c85201d4245c9e5752a2c765b685cc
- SSDEEP
  
  1536:Ei6PWf+maZbXvlpyIfzzRBBzBd98mDuh:b/f+maZzlp/f3FzDy7h
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2