453fd5ec6d26370d891279af2abe43301c47ceaf8ff4c7a448192468e23dc729 | Triage

Sharing

General

Target

453fd5ec6d26370d891279af2abe43301c47ceaf8ff4c7a448192468e23dc729
Size

1.5MB
Sample

221125-14xksadf4v
MD5

c2735466f57519e6dfa62ebc6bfab929
SHA1

72cf9a399d3ce85f85a5999b452d09ccee8a28ee
SHA256

453fd5ec6d26370d891279af2abe43301c47ceaf8ff4c7a448192468e23dc729
SHA512

75afb44e470f041b1539c039a9c1769e771c95a0e5d96b9c99ad0fac0587748ff98930236310ae371836e9c0b6a23042cb79462529bdc65d6a5234b38dd8db35
SSDEEP

49152:lkwkn9IMHeauPlNh6HIHjRZ1bs/mNsolCsaPCS:ednVgNEoD+NPC

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  453fd5ec6d26370d891279af2abe43301c47ceaf8ff4c7a448192468e23dc729
- Size
  
  1.5MB
- MD5
  
  c2735466f57519e6dfa62ebc6bfab929
- SHA1
  
  72cf9a399d3ce85f85a5999b452d09ccee8a28ee
- SHA256
  
  453fd5ec6d26370d891279af2abe43301c47ceaf8ff4c7a448192468e23dc729
- SHA512
  
  75afb44e470f041b1539c039a9c1769e771c95a0e5d96b9c99ad0fac0587748ff98930236310ae371836e9c0b6a23042cb79462529bdc65d6a5234b38dd8db35
- SSDEEP
  
  49152:lkwkn9IMHeauPlNh6HIHjRZ1bs/mNsolCsaPCS:ednVgNEoD+NPC
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan