9b8c493911b1fa6523f7bca882ae6ed08d8b0624bbf68cc0ee96e1c49b56bfd6 | Triage

Sharing

General

Target

9b8c493911b1fa6523f7bca882ae6ed08d8b0624bbf68cc0ee96e1c49b56bfd6
Size

436KB
Sample

221030-pmtxsaafc2
MD5

a2a9383f5cc3034f11c8f674bd45a430
SHA1

f94f0b695246307111c1eacdc6594819c8f49955
SHA256

9b8c493911b1fa6523f7bca882ae6ed08d8b0624bbf68cc0ee96e1c49b56bfd6
SHA512

b5a1a340cfe13af8896fbb3680dcc71568c4908cbeb6b4250b04251f7f2a09db39d5e0358d280fa57bc697d9a0327b050cb05ef314989baaf585182029f04808
SSDEEP

12288:1JER0K8eDffRRFYis8w3j3Z3mTQ2p2jNP4MRjG1XIuCCZ:T+jFY2wz3Z3WQ2peRC1X7

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  9b8c493911b1fa6523f7bca882ae6ed08d8b0624bbf68cc0ee96e1c49b56bfd6
- Size
  
  436KB
- MD5
  
  a2a9383f5cc3034f11c8f674bd45a430
- SHA1
  
  f94f0b695246307111c1eacdc6594819c8f49955
- SHA256
  
  9b8c493911b1fa6523f7bca882ae6ed08d8b0624bbf68cc0ee96e1c49b56bfd6
- SHA512
  
  b5a1a340cfe13af8896fbb3680dcc71568c4908cbeb6b4250b04251f7f2a09db39d5e0358d280fa57bc697d9a0327b050cb05ef314989baaf585182029f04808
- SSDEEP
  
  12288:1JER0K8eDffRRFYis8w3j3Z3mTQ2p2jNP4MRjG1XIuCCZ:T+jFY2wz3Z3WQ2peRC1X7
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2