5feb1573f82bbecfd38ad3a7540ca006995718063fb0ab5478771e294723e55c | Triage

Sharing

General

Target

5feb1573f82bbecfd38ad3a7540ca006995718063fb0ab5478771e294723e55c
Size

124KB
Sample

221030-zn2dcsada9
MD5

923ed39defa9bc52ad0214d12e512e19
SHA1

630aa65f760175eb89688dd4c2945cb4034f79d0
SHA256

5feb1573f82bbecfd38ad3a7540ca006995718063fb0ab5478771e294723e55c
SHA512

6247a821450f73ebaeecfe9cf26f199017fc61bac638ecf63870a34281468a07c9e1c72c4daf8ea354a42f56fe10ff14fe0f21f62ade4216106e36d6cc1d2177
SSDEEP

1536:OXgcShcuUoTvNPLTVVIJQ95/5l/Cy+YPu4wJ0D:lUoBPLJVIJQT2RMuVJ0D

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  5feb1573f82bbecfd38ad3a7540ca006995718063fb0ab5478771e294723e55c
- Size
  
  124KB
- MD5
  
  923ed39defa9bc52ad0214d12e512e19
- SHA1
  
  630aa65f760175eb89688dd4c2945cb4034f79d0
- SHA256
  
  5feb1573f82bbecfd38ad3a7540ca006995718063fb0ab5478771e294723e55c
- SHA512
  
  6247a821450f73ebaeecfe9cf26f199017fc61bac638ecf63870a34281468a07c9e1c72c4daf8ea354a42f56fe10ff14fe0f21f62ade4216106e36d6cc1d2177
- SSDEEP
  
  1536:OXgcShcuUoTvNPLTVVIJQ95/5l/Cy+YPu4wJ0D:lUoBPLJVIJQT2RMuVJ0D
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan