68ccf9493999953a393112515205648e8f3b7268954470036fab27b7b3678f11 | Triage

Sharing

General

Target

68ccf9493999953a393112515205648e8f3b7268954470036fab27b7b3678f11
Size

448KB
Sample

221123-nbfeksgc82
MD5

37a4181cb60bcae4085c92bd932773d6
SHA1

a184e03ee86c3ccd06a1c16235880b37809a05f4
SHA256

68ccf9493999953a393112515205648e8f3b7268954470036fab27b7b3678f11
SHA512

12384713ff7a51dbe26fdf683cd03955b3cd803e5c1baf8364b98b2de9d3d9b91672502734c1954b7fdf8c56cbedb7e7deb6a16a6bc12d414a2b201303c92e55
SSDEEP

6144:yI/Jb4l8A7hVgqHh9qT9gn4hutO2JPa5rAUageFaEupYseERsgVfMO1v4lXtZZCD:yIB4lP0qBEJhtKa5P0kjZVmldCH9

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  68ccf9493999953a393112515205648e8f3b7268954470036fab27b7b3678f11
- Size
  
  448KB
- MD5
  
  37a4181cb60bcae4085c92bd932773d6
- SHA1
  
  a184e03ee86c3ccd06a1c16235880b37809a05f4
- SHA256
  
  68ccf9493999953a393112515205648e8f3b7268954470036fab27b7b3678f11
- SHA512
  
  12384713ff7a51dbe26fdf683cd03955b3cd803e5c1baf8364b98b2de9d3d9b91672502734c1954b7fdf8c56cbedb7e7deb6a16a6bc12d414a2b201303c92e55
- SSDEEP
  
  6144:yI/Jb4l8A7hVgqHh9qT9gn4hutO2JPa5rAUageFaEupYseERsgVfMO1v4lXtZZCD:yIB4lP0qBEJhtKa5P0kjZVmldCH9
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2