a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9 | Triage

Sharing

General

Target

a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
Size

194KB
Sample

221125-h4vgbadh9y
MD5

d97abd907baf7ce7250c2e6fb66cdf39
SHA1

82420fe1d8efa0f1122dda39a05ee120955fd76c
SHA256

a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
SHA512

882fa7e5c79a37c5575acf395f77d78019dc8f8d4f020f320f68238a4e2c50f254040bee8b5a1983cff17dcf8bf61d535589f96b0575b9a50fec1fa236866bde
SSDEEP

3072:lt5y3I0xY1ECtsY41XyGaALHPJ3XXbCDh2FmEhp5pxYgTYCX:pgTzCt/4OAB3nbCN2cSxdX

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
- Size
  
  194KB
- MD5
  
  d97abd907baf7ce7250c2e6fb66cdf39
- SHA1
  
  82420fe1d8efa0f1122dda39a05ee120955fd76c
- SHA256
  
  a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
- SHA512
  
  882fa7e5c79a37c5575acf395f77d78019dc8f8d4f020f320f68238a4e2c50f254040bee8b5a1983cff17dcf8bf61d535589f96b0575b9a50fec1fa236866bde
- SSDEEP
  
  3072:lt5y3I0xY1ECtsY41XyGaALHPJ3XXbCDh2FmEhp5pxYgTYCX:pgTzCt/4OAB3nbCN2cSxdX
Score

10^/10

evasion persistence trojan
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Disables taskbar notifications via registry modification
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Hidden Files and Directories

Modify Registry

Bypass User Account Control

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2