1311ef33a9aee45daada72db1d19ff1b6fc545c87f109bf9a5b91829179bbd4f | Triage

Sharing

General

Target

1311ef33a9aee45daada72db1d19ff1b6fc545c87f109bf9a5b91829179bbd4f
Size

365KB
Sample

221123-lytjlscf53
MD5

828f7da732feba09b289da22af8e1d86
SHA1

25d031eb2830145216858a81a8e8584a9f9271ef
SHA256

1311ef33a9aee45daada72db1d19ff1b6fc545c87f109bf9a5b91829179bbd4f
SHA512

54b107d467cab91375b4a9a15b590de38fc9644ed6801911898baf0db04047a45c983be1a54b9981a83d92353a907cb6d96d3528c66c0e79671892c15219a1f8
SSDEEP

6144:nlRMja4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:lRMWx4ojf51aTcK0NEQUd0op3QlL

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1311ef33a9aee45daada72db1d19ff1b6fc545c87f109bf9a5b91829179bbd4f
- Size
  
  365KB
- MD5
  
  828f7da732feba09b289da22af8e1d86
- SHA1
  
  25d031eb2830145216858a81a8e8584a9f9271ef
- SHA256
  
  1311ef33a9aee45daada72db1d19ff1b6fc545c87f109bf9a5b91829179bbd4f
- SHA512
  
  54b107d467cab91375b4a9a15b590de38fc9644ed6801911898baf0db04047a45c983be1a54b9981a83d92353a907cb6d96d3528c66c0e79671892c15219a1f8
- SSDEEP
  
  6144:nlRMja4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:lRMWx4ojf51aTcK0NEQUd0op3QlL
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2