db8a51633e5400fa5e7767af1aaa4bbbad053b9eb682a9fb990d179d3780836b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db8a51633e5400fa5e7767af1aaa4bbbad053b9eb682a9fb990d179d3780836b
Size

400KB
Sample

221107-l361hadchq
MD5

07b7405c29766fffec41adc50ea0d1f8
SHA1

a5e0f1d3f4349c97c228a3337d85ffc2345adad6
SHA256

db8a51633e5400fa5e7767af1aaa4bbbad053b9eb682a9fb990d179d3780836b
SHA512

5ed6069e1b50ed237c98a9cd5b4a1f5dad9d1a5bffb6bc4a2564c6b517e2b53fe268d142054772259dc6c2b3d04cf2dacd8b51c502cc25698ea4ba1b9d856551
SSDEEP

12288:w6O5EyYxF/EbSGSF8KQmkcjJUU69nTvnOF:pGEbxZnQf5U69nr

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  db8a51633e5400fa5e7767af1aaa4bbbad053b9eb682a9fb990d179d3780836b
- Size
  
  400KB
- MD5
  
  07b7405c29766fffec41adc50ea0d1f8
- SHA1
  
  a5e0f1d3f4349c97c228a3337d85ffc2345adad6
- SHA256
  
  db8a51633e5400fa5e7767af1aaa4bbbad053b9eb682a9fb990d179d3780836b
- SHA512
  
  5ed6069e1b50ed237c98a9cd5b4a1f5dad9d1a5bffb6bc4a2564c6b517e2b53fe268d142054772259dc6c2b3d04cf2dacd8b51c502cc25698ea4ba1b9d856551
- SSDEEP
  
  12288:w6O5EyYxF/EbSGSF8KQmkcjJUU69nTvnOF:pGEbxZnQf5U69nr
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan