650d29f9f93a06b7ff469999616148404b75a85849fe7e18e75e2260cf345a03 | Triage

Sharing

General

Target

650d29f9f93a06b7ff469999616148404b75a85849fe7e18e75e2260cf345a03
Size

340KB
Sample

221124-e8hfrshe99
MD5

bbe606f791a2c63fbe1b641fff80b093
SHA1

240bfeb8c04c2bec8a64ea42f27e193efa610c7d
SHA256

650d29f9f93a06b7ff469999616148404b75a85849fe7e18e75e2260cf345a03
SHA512

a3237ff587bac4983936a82313141bc92d1e248a46393b956df8bf1c08302e5ea5298f7abd3884125f41fcad5796a257770d9c3e6c08449a53fe2b7d12baa585
SSDEEP

6144:TzGKZ5lAQNoQkZ3nBafQrlGq+wZmUoGOfuC1HWeLAPBq55QaePG/d:TzGKZ/oQk/afQxdJZmUorfRWWgq55V

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  650d29f9f93a06b7ff469999616148404b75a85849fe7e18e75e2260cf345a03
- Size
  
  340KB
- MD5
  
  bbe606f791a2c63fbe1b641fff80b093
- SHA1
  
  240bfeb8c04c2bec8a64ea42f27e193efa610c7d
- SHA256
  
  650d29f9f93a06b7ff469999616148404b75a85849fe7e18e75e2260cf345a03
- SHA512
  
  a3237ff587bac4983936a82313141bc92d1e248a46393b956df8bf1c08302e5ea5298f7abd3884125f41fcad5796a257770d9c3e6c08449a53fe2b7d12baa585
- SSDEEP
  
  6144:TzGKZ5lAQNoQkZ3nBafQrlGq+wZmUoGOfuC1HWeLAPBq55QaePG/d:TzGKZ/oQk/afQxdJZmUorfRWWgq55V
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2