875288e5bc16f4efe53c18abbf44a4508d0cbe938f2e7f0a46a800f2524c1948 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

875288e5bc16f4efe53c18abbf44a4508d0cbe938f2e7f0a46a800f2524c1948
Size

1.1MB
Sample

221123-y5r1ksbh95
MD5

b0ff508c04a231bd936aad14c502a92f
SHA1

0b4b85d2f2f1deaf04286ab35c9fa48cb230419d
SHA256

875288e5bc16f4efe53c18abbf44a4508d0cbe938f2e7f0a46a800f2524c1948
SHA512

30f7e744c299b3cd374e8d60566608ee7edfc70f29f27639e094f84f11cc8c7d772eaa16a37c8272740b6ff60811079e5c1ce903ea8bb12c3fb80c1548a4583b
SSDEEP

24576:mtb20pkaCqT5TBWgNQ7aYMM8MLMM2H4hf9gj6A:TVg5tQ7aYMMtLMM2HQf9w5

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  875288e5bc16f4efe53c18abbf44a4508d0cbe938f2e7f0a46a800f2524c1948
- Size
  
  1.1MB
- MD5
  
  b0ff508c04a231bd936aad14c502a92f
- SHA1
  
  0b4b85d2f2f1deaf04286ab35c9fa48cb230419d
- SHA256
  
  875288e5bc16f4efe53c18abbf44a4508d0cbe938f2e7f0a46a800f2524c1948
- SHA512
  
  30f7e744c299b3cd374e8d60566608ee7edfc70f29f27639e094f84f11cc8c7d772eaa16a37c8272740b6ff60811079e5c1ce903ea8bb12c3fb80c1548a4583b
- SSDEEP
  
  24576:mtb20pkaCqT5TBWgNQ7aYMM8MLMM2H4hf9gj6A:TVg5tQ7aYMMtLMM2HQf9w5
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Deletes itself
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Install Root Certificate

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan