9ca04c9198cc2d184b3f5ea3ff4161938c8d95c7efdd3d85cd33d1c4acbc07c7 | Triage

Sharing

General

Target

9ca04c9198cc2d184b3f5ea3ff4161938c8d95c7efdd3d85cd33d1c4acbc07c7
Size

370KB
Sample

221123-lx25csce93
MD5

1d281bd4ce4ba0361cb0b06366244c74
SHA1

f999ccb49543bf413449a3cb9d5f6debe2659f84
SHA256

9ca04c9198cc2d184b3f5ea3ff4161938c8d95c7efdd3d85cd33d1c4acbc07c7
SHA512

89943f84389979b230bc97111e9aef1a4b581d6501e7f950170adcb09afec2d0659b45498d9ca707d26b5efaaea755aa02d5d31ec0e1dadb071d617fe2ce9b03
SSDEEP

6144:7TQtCkTZJQP4MwopG9rCJtxr25JVhtesH+IbYYQRNe7FJJ:XQt9ZM4MjGrCJtVGVhteFYfZ

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  9ca04c9198cc2d184b3f5ea3ff4161938c8d95c7efdd3d85cd33d1c4acbc07c7
- Size
  
  370KB
- MD5
  
  1d281bd4ce4ba0361cb0b06366244c74
- SHA1
  
  f999ccb49543bf413449a3cb9d5f6debe2659f84
- SHA256
  
  9ca04c9198cc2d184b3f5ea3ff4161938c8d95c7efdd3d85cd33d1c4acbc07c7
- SHA512
  
  89943f84389979b230bc97111e9aef1a4b581d6501e7f950170adcb09afec2d0659b45498d9ca707d26b5efaaea755aa02d5d31ec0e1dadb071d617fe2ce9b03
- SSDEEP
  
  6144:7TQtCkTZJQP4MwopG9rCJtxr25JVhtesH+IbYYQRNe7FJJ:XQt9ZM4MjGrCJtVGVhteFYfZ
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2