abe2da2c662687a10e8c7a80cfd878412733b276c0d7132657e46aba35ff4602 | Triage

Sharing

General

Target

abe2da2c662687a10e8c7a80cfd878412733b276c0d7132657e46aba35ff4602
Size

4.3MB
Sample

221124-e1e1nscb51
MD5

0dd5c578a05200ba8858b9ee2f91fc18
SHA1

2b72d2b4dd4d0ff857b621c67fa3dd2fbc3c0779
SHA256

abe2da2c662687a10e8c7a80cfd878412733b276c0d7132657e46aba35ff4602
SHA512

5f36fd08b7636f7024e823603f2aa5000c33b6d5df9921bbf7f1cdf35d8f554577db5e5a61f779ee1ad30cecaed940912b3c95f3e0499f6c74e1c3a245241bc7
SSDEEP

98304:OT0vrr3UdqZwChyo1eaTkIVi4/+NbVQEMTpT9kk1UCqqM6yrQh:DrqvnocaTk3u+xsFT9kkaD60Qh

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  abe2da2c662687a10e8c7a80cfd878412733b276c0d7132657e46aba35ff4602
- Size
  
  4.3MB
- MD5
  
  0dd5c578a05200ba8858b9ee2f91fc18
- SHA1
  
  2b72d2b4dd4d0ff857b621c67fa3dd2fbc3c0779
- SHA256
  
  abe2da2c662687a10e8c7a80cfd878412733b276c0d7132657e46aba35ff4602
- SHA512
  
  5f36fd08b7636f7024e823603f2aa5000c33b6d5df9921bbf7f1cdf35d8f554577db5e5a61f779ee1ad30cecaed940912b3c95f3e0499f6c74e1c3a245241bc7
- SSDEEP
  
  98304:OT0vrr3UdqZwChyo1eaTkIVi4/+NbVQEMTpT9kk1UCqqM6yrQh:DrqvnocaTk3u+xsFT9kkaD60Qh
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan