549324b79156896aa55b9acea9e8fecf158a9915b64bec4856e1d34918812c19 | Triage

Sharing

General

Target

549324b79156896aa55b9acea9e8fecf158a9915b64bec4856e1d34918812c19
Size

388KB
Sample

221123-lx88nsfh9v
MD5

78cfff1436c4e0b12c0b26456380fd31
SHA1

7ed532948e6c2b2f996cd9d21e27e3bde6bd9c7e
SHA256

549324b79156896aa55b9acea9e8fecf158a9915b64bec4856e1d34918812c19
SHA512

17ba03b5f4691a2ebc3d023aa1a373d74ae69c5daa92e9b28aadcb2455d3f51e04ed592459b521afc29054e8a9b48a1b28ae491aedf22bb0f619585d4a67d29c
SSDEEP

6144:xuHwpYjG4hK0pnqlnDsunKpAgyjiJafEIwc5rGvw6YUkr7seBw:xzl4hK8OPKpAIJaRwcsw6VqY

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  549324b79156896aa55b9acea9e8fecf158a9915b64bec4856e1d34918812c19
- Size
  
  388KB
- MD5
  
  78cfff1436c4e0b12c0b26456380fd31
- SHA1
  
  7ed532948e6c2b2f996cd9d21e27e3bde6bd9c7e
- SHA256
  
  549324b79156896aa55b9acea9e8fecf158a9915b64bec4856e1d34918812c19
- SHA512
  
  17ba03b5f4691a2ebc3d023aa1a373d74ae69c5daa92e9b28aadcb2455d3f51e04ed592459b521afc29054e8a9b48a1b28ae491aedf22bb0f619585d4a67d29c
- SSDEEP
  
  6144:xuHwpYjG4hK0pnqlnDsunKpAgyjiJafEIwc5rGvw6YUkr7seBw:xzl4hK8OPKpAIJaRwcsw6VqY
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2