7b64e3f13acc6e1a253a1e6119fbed3556afcd9bcde174ae87e88d830960e92c | Triage

Sharing

General

Target

7b64e3f13acc6e1a253a1e6119fbed3556afcd9bcde174ae87e88d830960e92c
Size

452KB
Sample

221124-mbbkysba4s
MD5

85da4707eae099eefa4fb74265a23fa1
SHA1

6ab6e4fa12a124e60326384c4328c54f2a2fb24b
SHA256

7b64e3f13acc6e1a253a1e6119fbed3556afcd9bcde174ae87e88d830960e92c
SHA512

b476568018d3da3252b70188c6ad51d8f2d086153e88e9c940bb676dae34e02012113211b6f318ff0b5ffef09e78cf6b2a3120cddefd19641099ed2cf89c2c38
SSDEEP

12288:pz5nqHGCjyCFe8qpQiYAfj82+AxAQHZTQ1OnH/:952G4yCI8iD+AxAcWYH/

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  7b64e3f13acc6e1a253a1e6119fbed3556afcd9bcde174ae87e88d830960e92c
- Size
  
  452KB
- MD5
  
  85da4707eae099eefa4fb74265a23fa1
- SHA1
  
  6ab6e4fa12a124e60326384c4328c54f2a2fb24b
- SHA256
  
  7b64e3f13acc6e1a253a1e6119fbed3556afcd9bcde174ae87e88d830960e92c
- SHA512
  
  b476568018d3da3252b70188c6ad51d8f2d086153e88e9c940bb676dae34e02012113211b6f318ff0b5ffef09e78cf6b2a3120cddefd19641099ed2cf89c2c38
- SSDEEP
  
  12288:pz5nqHGCjyCFe8qpQiYAfj82+AxAQHZTQ1OnH/:952G4yCI8iD+AxAcWYH/
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2