28680a384a4b10dc4bb357ef1ec988f989f15685eeee257262a047cff1285fd2 | Triage

Sharing

General

Target

28680a384a4b10dc4bb357ef1ec988f989f15685eeee257262a047cff1285fd2
Size

214KB
Sample

221125-j244each94
MD5

125f7ee0e477b2d38324e898c59122d4
SHA1

95fff303a269619eab0d42de87ca8996d5dd1f87
SHA256

28680a384a4b10dc4bb357ef1ec988f989f15685eeee257262a047cff1285fd2
SHA512

eb4cb537019f7b72f357901e6acf67deb491990eecaac92572dcaef4b6b2fe4902009e94fd2ea486a82aa3fc7f701b88c98c0ed907252e817590d82d0c4f987c
SSDEEP

3072:lt5y3I0xY1ECtsY41XyGaALHPJ3XXbCDh2FmEhp9xlMxvi6+5hLgl:pgTzCt/4OAB3nbCN2cSQx6d5hA

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  28680a384a4b10dc4bb357ef1ec988f989f15685eeee257262a047cff1285fd2
- Size
  
  214KB
- MD5
  
  125f7ee0e477b2d38324e898c59122d4
- SHA1
  
  95fff303a269619eab0d42de87ca8996d5dd1f87
- SHA256
  
  28680a384a4b10dc4bb357ef1ec988f989f15685eeee257262a047cff1285fd2
- SHA512
  
  eb4cb537019f7b72f357901e6acf67deb491990eecaac92572dcaef4b6b2fe4902009e94fd2ea486a82aa3fc7f701b88c98c0ed907252e817590d82d0c4f987c
- SSDEEP
  
  3072:lt5y3I0xY1ECtsY41XyGaALHPJ3XXbCDh2FmEhp9xlMxvi6+5hLgl:pgTzCt/4OAB3nbCN2cSQx6d5hA
Score

10^/10

evasion persistence trojan
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Disables taskbar notifications via registry modification
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Hidden Files and Directories

Modify Registry

Bypass User Account Control

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2