89f274ab0b13a3c2e9e6132d7dd5cdbfa3bcf46f3e27acb9c7767abad17c70dc | Triage

Sharing

General

Target

89f274ab0b13a3c2e9e6132d7dd5cdbfa3bcf46f3e27acb9c7767abad17c70dc
Size

396KB
Sample

221123-q12p8afd53
MD5

aff977133bd6b81d9c2ba03e474acbe1
SHA1

6c0bd601035b95750a461a912620df668d551b18
SHA256

89f274ab0b13a3c2e9e6132d7dd5cdbfa3bcf46f3e27acb9c7767abad17c70dc
SHA512

821bc46459c2fe86e642ec5cb5d7ec553c0609a4beaf37600d78762356ef4bb87047e471b35c7efe91efcd4ab16b2287742c34442593857c448540c969bffa9b
SSDEEP

6144:1+Dy+kZ9+s59IMx4WDYHE4O8eKoBH/czphZZF/O3inJhGjAr:1+OxmKf7xU9ACJhAAr

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  89f274ab0b13a3c2e9e6132d7dd5cdbfa3bcf46f3e27acb9c7767abad17c70dc
- Size
  
  396KB
- MD5
  
  aff977133bd6b81d9c2ba03e474acbe1
- SHA1
  
  6c0bd601035b95750a461a912620df668d551b18
- SHA256
  
  89f274ab0b13a3c2e9e6132d7dd5cdbfa3bcf46f3e27acb9c7767abad17c70dc
- SHA512
  
  821bc46459c2fe86e642ec5cb5d7ec553c0609a4beaf37600d78762356ef4bb87047e471b35c7efe91efcd4ab16b2287742c34442593857c448540c969bffa9b
- SSDEEP
  
  6144:1+Dy+kZ9+s59IMx4WDYHE4O8eKoBH/czphZZF/O3inJhGjAr:1+OxmKf7xU9ACJhAAr
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2