d124871de2ab6aadae019963e54f8d527ed9558e766d98ee245229c06d612baa | Triage

Sharing

General

Target

d124871de2ab6aadae019963e54f8d527ed9558e766d98ee245229c06d612baa
Size

201KB
Sample

221123-qae4jage3s
MD5

2de0f934fac420514158e8df4da77ba1
SHA1

a82f110bf4ced6728cace8cb39ce6c68ae6035bf
SHA256

d124871de2ab6aadae019963e54f8d527ed9558e766d98ee245229c06d612baa
SHA512

8bb8994a75b771e9257cc3ccb8255b8926ee9fe5f26c363daeb73457978d8e8d4b672ce5cb95be45e211e1bc53268636031656362f69e7fd49a205567972a8f3
SSDEEP

3072:mX+WVSqdLnLLlEcYi5p6B2Miy+vEMdhsAT1Oy5+cSRo0CQFqEio7zQ:mX9SMLpHYi2B2HyTMVLb6ozBER7U

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  d124871de2ab6aadae019963e54f8d527ed9558e766d98ee245229c06d612baa
- Size
  
  201KB
- MD5
  
  2de0f934fac420514158e8df4da77ba1
- SHA1
  
  a82f110bf4ced6728cace8cb39ce6c68ae6035bf
- SHA256
  
  d124871de2ab6aadae019963e54f8d527ed9558e766d98ee245229c06d612baa
- SHA512
  
  8bb8994a75b771e9257cc3ccb8255b8926ee9fe5f26c363daeb73457978d8e8d4b672ce5cb95be45e211e1bc53268636031656362f69e7fd49a205567972a8f3
- SSDEEP
  
  3072:mX+WVSqdLnLLlEcYi5p6B2Miy+vEMdhsAT1Oy5+cSRo0CQFqEio7zQ:mX9SMLpHYi2B2HyTMVLb6ozBER7U
Score

10^/10

evasion persistence trojan
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Disables taskbar notifications via registry modification
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Hidden Files and Directories

Modify Registry

Bypass User Account Control

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2