ee07bffb630712f9366788d3726e610ab1bdf44e49120157441d8e7e2f2e3b74 | Triage

Sharing

General

Target

ee07bffb630712f9366788d3726e610ab1bdf44e49120157441d8e7e2f2e3b74
Size

396KB
Sample

221124-vtzphacc9z
MD5

e53d2988aea402da7872768945aa6704
SHA1

c228131edf7150ff8ec321293356ba4094c29973
SHA256

ee07bffb630712f9366788d3726e610ab1bdf44e49120157441d8e7e2f2e3b74
SHA512

fbbbd22cb1d30f975271ff4bb70206e75f5cb027a78f8d7276dee09961736eed85f853ba84a78ee0325aa3aa0b2d09014f4767600ac7cc78a9ce4763e3d81147
SSDEEP

6144:HLRaMiOryutVTqXvZ5WdwhDXQQ8dS9SnVt2uSoasHjfo0:rRRiiyxXvHa40NfnyFzu

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ee07bffb630712f9366788d3726e610ab1bdf44e49120157441d8e7e2f2e3b74
- Size
  
  396KB
- MD5
  
  e53d2988aea402da7872768945aa6704
- SHA1
  
  c228131edf7150ff8ec321293356ba4094c29973
- SHA256
  
  ee07bffb630712f9366788d3726e610ab1bdf44e49120157441d8e7e2f2e3b74
- SHA512
  
  fbbbd22cb1d30f975271ff4bb70206e75f5cb027a78f8d7276dee09961736eed85f853ba84a78ee0325aa3aa0b2d09014f4767600ac7cc78a9ce4763e3d81147
- SSDEEP
  
  6144:HLRaMiOryutVTqXvZ5WdwhDXQQ8dS9SnVt2uSoasHjfo0:rRRiiyxXvHa40NfnyFzu
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2