91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655 | Triage

Sharing

General

Target

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
Size

499KB
Sample

221123-qybq1sfb55
MD5

e123e046e3abd48a95b552b41b75a44d
SHA1

8c4952de25385fa3e38032c711d4a2505de3aee3
SHA256

91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
SHA512

76722ecb00c54776813de019bf52be7c8d08ae13b6f56a08b7b54660af79408a7c092aa848707b56e25baaf858e1b0e89ae6c30dd8d4db931d04b4973b765ca6
SSDEEP

6144:UzXhvkZ8gulzV2V9/H5DTwaHd6dcNiXPnpUTJPyd+MElqwkp7:yxMZu2z96dcYXPnpcJPydjZ

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
- Size
  
  499KB
- MD5
  
  e123e046e3abd48a95b552b41b75a44d
- SHA1
  
  8c4952de25385fa3e38032c711d4a2505de3aee3
- SHA256
  
  91d60964d55d89eb5cb13801b5c11c203f655fefa6871d5f4e1ebd35d4d65655
- SHA512
  
  76722ecb00c54776813de019bf52be7c8d08ae13b6f56a08b7b54660af79408a7c092aa848707b56e25baaf858e1b0e89ae6c30dd8d4db931d04b4973b765ca6
- SSDEEP
  
  6144:UzXhvkZ8gulzV2V9/H5DTwaHd6dcNiXPnpUTJPyd+MElqwkp7:yxMZu2z96dcYXPnpcJPydjZ
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2