f77cf9f1d3c9c2f7528b969f2d34d04e2e5359c2be66687ff5817ad797f8c766 | Triage

Sharing

General

Target

f77cf9f1d3c9c2f7528b969f2d34d04e2e5359c2be66687ff5817ad797f8c766
Size

464KB
Sample

221124-vavansbc4s
MD5

d0537315d2c88ffe32dcfa2fe7499b65
SHA1

0735672d10b2a3e7f10dc632cd51b61e3bbd2e11
SHA256

f77cf9f1d3c9c2f7528b969f2d34d04e2e5359c2be66687ff5817ad797f8c766
SHA512

504e58c427d2153881ecac319112f0670063baa66b2ea80259fe34541dfdde8c130f2e60402548104f942750d9736aaa2b35c09e9def146920c989b2bfeacae4
SSDEEP

12288:K3FgD1EK5eOkodHq9d+1U0rWSB7oCqB5SlV:Ig5eAdK+1UqWeuK/

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  f77cf9f1d3c9c2f7528b969f2d34d04e2e5359c2be66687ff5817ad797f8c766
- Size
  
  464KB
- MD5
  
  d0537315d2c88ffe32dcfa2fe7499b65
- SHA1
  
  0735672d10b2a3e7f10dc632cd51b61e3bbd2e11
- SHA256
  
  f77cf9f1d3c9c2f7528b969f2d34d04e2e5359c2be66687ff5817ad797f8c766
- SHA512
  
  504e58c427d2153881ecac319112f0670063baa66b2ea80259fe34541dfdde8c130f2e60402548104f942750d9736aaa2b35c09e9def146920c989b2bfeacae4
- SSDEEP
  
  12288:K3FgD1EK5eOkodHq9d+1U0rWSB7oCqB5SlV:Ig5eAdK+1UqWeuK/
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2