c7072f650d5804075921c7fbb1f16893acd958809f6d54ba2508cd5ba4171ed9 | Triage

Sharing

General

Target

c7072f650d5804075921c7fbb1f16893acd958809f6d54ba2508cd5ba4171ed9
Size

420KB
Sample

221123-lxvehsce78
MD5

04eb6bf092a77d49512d91ffcb88c5ff
SHA1

ebeca76f37a0644eb5c6fadfe732d5e04e8e3e8e
SHA256

c7072f650d5804075921c7fbb1f16893acd958809f6d54ba2508cd5ba4171ed9
SHA512

32ecb05d28811b68838a65b77f499c1f8d063446040907824bc232f982f76cf72062d32e1a69265566384ad987f8945e8368bb68f7eaa75762991cb988d74c40
SSDEEP

12288:RMZ4uk7hAwWDKIukl1gX4/eaOqubUxrJKCfkk3lg:RK3k7hAvT84OXbUFoCF

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  c7072f650d5804075921c7fbb1f16893acd958809f6d54ba2508cd5ba4171ed9
- Size
  
  420KB
- MD5
  
  04eb6bf092a77d49512d91ffcb88c5ff
- SHA1
  
  ebeca76f37a0644eb5c6fadfe732d5e04e8e3e8e
- SHA256
  
  c7072f650d5804075921c7fbb1f16893acd958809f6d54ba2508cd5ba4171ed9
- SHA512
  
  32ecb05d28811b68838a65b77f499c1f8d063446040907824bc232f982f76cf72062d32e1a69265566384ad987f8945e8368bb68f7eaa75762991cb988d74c40
- SSDEEP
  
  12288:RMZ4uk7hAwWDKIukl1gX4/eaOqubUxrJKCfkk3lg:RK3k7hAvT84OXbUFoCF
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2