a514ff7dee704397d3a40403ae72a1b4d0438125c27cb54ea40dfc6c17008492 | Triage

Sharing

General

Target

a514ff7dee704397d3a40403ae72a1b4d0438125c27cb54ea40dfc6c17008492
Size

412KB
Sample

221123-lx5v9ace95
MD5

0aa9633a924967153623f1b209f45953
SHA1

305f100f9139f204df8771ee4d2374e76d038f91
SHA256

a514ff7dee704397d3a40403ae72a1b4d0438125c27cb54ea40dfc6c17008492
SHA512

a50bba4cd83d0e17b61618b54d1404631f13680edcd6624f3d3026fb816db2ffe589b6da8124751c9b2cf3f3622c99b5cacd933c167c9755ab5e00c5a61c54d7
SSDEEP

12288:rxEEhphg6Srp+2HZ/c8LHhqdxQkOLT4u6pqJA:rxRhphg6J25/GdxQlkqJ

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a514ff7dee704397d3a40403ae72a1b4d0438125c27cb54ea40dfc6c17008492
- Size
  
  412KB
- MD5
  
  0aa9633a924967153623f1b209f45953
- SHA1
  
  305f100f9139f204df8771ee4d2374e76d038f91
- SHA256
  
  a514ff7dee704397d3a40403ae72a1b4d0438125c27cb54ea40dfc6c17008492
- SHA512
  
  a50bba4cd83d0e17b61618b54d1404631f13680edcd6624f3d3026fb816db2ffe589b6da8124751c9b2cf3f3622c99b5cacd933c167c9755ab5e00c5a61c54d7
- SSDEEP
  
  12288:rxEEhphg6Srp+2HZ/c8LHhqdxQkOLT4u6pqJA:rxRhphg6J25/GdxQlkqJ
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2