10761618fcb66dbe87890e55b0ec0ebf578d062c78a1287985b3b96e49e2a3e0 | Triage

Sharing

General

Target

10761618fcb66dbe87890e55b0ec0ebf578d062c78a1287985b3b96e49e2a3e0
Size

213KB
Sample

221125-1ptwcacc6t
MD5

9246f749d1f6df1856a5f70f1a20fd30
SHA1

adf16a1cc1ff97c5e7418d9fae22bdf8aad20bf2
SHA256

10761618fcb66dbe87890e55b0ec0ebf578d062c78a1287985b3b96e49e2a3e0
SHA512

f1fc3e8aa77a7d1ce078a69290714a6eef06e4fa8907313041475d151f35423b2a547593e77a0a97246e8bcc1d587b3a38e18c5f7df125a7e092e4408d1e876f
SSDEEP

6144:R88HEHyWldQMPnaewqzqIJkUjAEyFo16IEXnvlzjdWJnFZ:R88HEt+FeRMvl8FZ

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  10761618fcb66dbe87890e55b0ec0ebf578d062c78a1287985b3b96e49e2a3e0
- Size
  
  213KB
- MD5
  
  9246f749d1f6df1856a5f70f1a20fd30
- SHA1
  
  adf16a1cc1ff97c5e7418d9fae22bdf8aad20bf2
- SHA256
  
  10761618fcb66dbe87890e55b0ec0ebf578d062c78a1287985b3b96e49e2a3e0
- SHA512
  
  f1fc3e8aa77a7d1ce078a69290714a6eef06e4fa8907313041475d151f35423b2a547593e77a0a97246e8bcc1d587b3a38e18c5f7df125a7e092e4408d1e876f
- SSDEEP
  
  6144:R88HEHyWldQMPnaewqzqIJkUjAEyFo16IEXnvlzjdWJnFZ:R88HEt+FeRMvl8FZ
Score

10^/10

evasion persistence trojan
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Hidden Files and Directories

Modify Registry

Bypass User Account Control

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan