1026f7dbca7615f05eac74c3bd0aa0a26422f847c86b033e67ee804e3c626736 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1026f7dbca7615f05eac74c3bd0aa0a26422f847c86b033e67ee804e3c626736
Size

416KB
Sample

221030-ktpt7achhl
MD5

83aa9b9d356df0a7f516dfe28f52bf5a
SHA1

682090a2c1c2f09dfb4cab5b41d48188cd1dbbb9
SHA256

1026f7dbca7615f05eac74c3bd0aa0a26422f847c86b033e67ee804e3c626736
SHA512

5e124bf52332169ca51e879aa03a5e0823a3c8c636068eb11a2cf41d7a68d1b55f272f59f7d4b5d8ab5eeca3a0a8d74e1cb65aaa23d5af1774f4203e27963eda
SSDEEP

6144:UEIZfVpT8JCsigkUMPwfmYK/gcqeAnAGJEG32oNL559JRiq7AxglF3C:UTN96CDgswKeeAnAmDzl3iq7p3

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1026f7dbca7615f05eac74c3bd0aa0a26422f847c86b033e67ee804e3c626736
- Size
  
  416KB
- MD5
  
  83aa9b9d356df0a7f516dfe28f52bf5a
- SHA1
  
  682090a2c1c2f09dfb4cab5b41d48188cd1dbbb9
- SHA256
  
  1026f7dbca7615f05eac74c3bd0aa0a26422f847c86b033e67ee804e3c626736
- SHA512
  
  5e124bf52332169ca51e879aa03a5e0823a3c8c636068eb11a2cf41d7a68d1b55f272f59f7d4b5d8ab5eeca3a0a8d74e1cb65aaa23d5af1774f4203e27963eda
- SSDEEP
  
  6144:UEIZfVpT8JCsigkUMPwfmYK/gcqeAnAGJEG32oNL559JRiq7AxglF3C:UTN96CDgswKeeAnAmDzl3iq7p3
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2