1a7def5c7457f76e19a7dec2c014234bc01a774016c6ecf9e3848fc584bffe97 | Triage

Sharing

General

Target

1a7def5c7457f76e19a7dec2c014234bc01a774016c6ecf9e3848fc584bffe97
Size

364KB
Sample

221123-ly893aga6x
MD5

891cc4ad6d04f29c301b62f5b12ab56c
SHA1

3ffdb2f7bf0d7ae0101680d11b2b5fdc3010cbfc
SHA256

1a7def5c7457f76e19a7dec2c014234bc01a774016c6ecf9e3848fc584bffe97
SHA512

8e2922a47ec9d8f33a0416b585a545ef66edfc281c8222b988adf5fa60e957c0d5b9f5e0d0fde5790cf9c44661d6b24007b7dc0982a2c998423a118ca776ba4e
SSDEEP

6144:YhC3IkyXMFWRPs8OW452Q0H2DjOnJm6Zy/ZPAQ9gBf:YFMFOkbV5f0H2DeJxZaZPJ+

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1a7def5c7457f76e19a7dec2c014234bc01a774016c6ecf9e3848fc584bffe97
- Size
  
  364KB
- MD5
  
  891cc4ad6d04f29c301b62f5b12ab56c
- SHA1
  
  3ffdb2f7bf0d7ae0101680d11b2b5fdc3010cbfc
- SHA256
  
  1a7def5c7457f76e19a7dec2c014234bc01a774016c6ecf9e3848fc584bffe97
- SHA512
  
  8e2922a47ec9d8f33a0416b585a545ef66edfc281c8222b988adf5fa60e957c0d5b9f5e0d0fde5790cf9c44661d6b24007b7dc0982a2c998423a118ca776ba4e
- SSDEEP
  
  6144:YhC3IkyXMFWRPs8OW452Q0H2DjOnJm6Zy/ZPAQ9gBf:YFMFOkbV5f0H2DeJxZaZPJ+
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2