7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944 | Triage

Sharing

General

Target

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
Size

390KB
Sample

221107-pdvgysfag3
MD5

08d15fc82786af0f9f02df94b49e1f82
SHA1

c170fe9fd652695073285b86786bf744c5c1a0d1
SHA256

7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
SHA512

a7fd2969b0e5d87a692fa2e986d0b76de982dd326db5d597ef6c22da5fb56747558ce434933efa6dfdaab1e62c3da386baa5fc8800da77c8179fd07f7608ad37
SSDEEP

6144:XqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:ZO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
- Size
  
  390KB
- MD5
  
  08d15fc82786af0f9f02df94b49e1f82
- SHA1
  
  c170fe9fd652695073285b86786bf744c5c1a0d1
- SHA256
  
  7a56b95e42d239933480f045cbe97bc7fcb44db980bd208c3bdb802aaaa64944
- SHA512
  
  a7fd2969b0e5d87a692fa2e986d0b76de982dd326db5d597ef6c22da5fb56747558ce434933efa6dfdaab1e62c3da386baa5fc8800da77c8179fd07f7608ad37
- SSDEEP
  
  6144:XqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:ZO1xm+QoK0t4K3gCTDYWGrYzt+NST
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2