1fbb6393e4cf576e0f11b615e0990a8b2134b0ea0e9ec58374f7e7f49125d6f4 | Triage

Sharing

General

Target

1fbb6393e4cf576e0f11b615e0990a8b2134b0ea0e9ec58374f7e7f49125d6f4
Size

184KB
Sample

221123-r6svyaae53
MD5

c1d322b838b40a2f040e3f22e1fb4f41
SHA1

b1245503bd123de66e2a1183b6c08010f2a03194
SHA256

1fbb6393e4cf576e0f11b615e0990a8b2134b0ea0e9ec58374f7e7f49125d6f4
SHA512

67e2123b2a82d40dd207bbbb9320e74b523dc22b5de15b96cb976dee15eb993e4dbd3ab0ace6de1bb9ee01e18a8c824c67373c8894671974ae75627e9c062cfc
SSDEEP

3072:5AUvnyA6tx3W7c4iFyLN1oGpVOfZaIHmmC8J26HucX:rvn0xz4bB1trYmmCI2UF

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1fbb6393e4cf576e0f11b615e0990a8b2134b0ea0e9ec58374f7e7f49125d6f4
- Size
  
  184KB
- MD5
  
  c1d322b838b40a2f040e3f22e1fb4f41
- SHA1
  
  b1245503bd123de66e2a1183b6c08010f2a03194
- SHA256
  
  1fbb6393e4cf576e0f11b615e0990a8b2134b0ea0e9ec58374f7e7f49125d6f4
- SHA512
  
  67e2123b2a82d40dd207bbbb9320e74b523dc22b5de15b96cb976dee15eb993e4dbd3ab0ace6de1bb9ee01e18a8c824c67373c8894671974ae75627e9c062cfc
- SSDEEP
  
  3072:5AUvnyA6tx3W7c4iFyLN1oGpVOfZaIHmmC8J26HucX:rvn0xz4bB1trYmmCI2UF
Score

10^/10

evasion persistence trojan
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Disables taskbar notifications via registry modification
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2