a6fd01152a9b80b3ca40e50571d790aff2d49cf9ea00f9f7a995de9b7d57a7a4 | Triage

Sharing

General

Target

a6fd01152a9b80b3ca40e50571d790aff2d49cf9ea00f9f7a995de9b7d57a7a4
Size

691KB
Sample

221125-yapa7sae29
MD5

f58b3419bf43dc82c56f1fda0358c645
SHA1

63c6acc7b3a0582cb5075d8bb8346e41d711710b
SHA256

a6fd01152a9b80b3ca40e50571d790aff2d49cf9ea00f9f7a995de9b7d57a7a4
SHA512

652b2b84c7ae1838fd42ab2e7ae9dd75c8a6bfedafef9b70a0d9d0cb1465c294dcf4b8ef0813e39edd7b1cd562b4a51172e788747720bad5fc4a6779f4c5bc32
SSDEEP

12288:rNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTZ5qvD4yvtSgRxFn8EWb/l9TXQCM:MPGSY91VwNJcFMqTZeNDRWbdVXlM

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a6fd01152a9b80b3ca40e50571d790aff2d49cf9ea00f9f7a995de9b7d57a7a4
- Size
  
  691KB
- MD5
  
  f58b3419bf43dc82c56f1fda0358c645
- SHA1
  
  63c6acc7b3a0582cb5075d8bb8346e41d711710b
- SHA256
  
  a6fd01152a9b80b3ca40e50571d790aff2d49cf9ea00f9f7a995de9b7d57a7a4
- SHA512
  
  652b2b84c7ae1838fd42ab2e7ae9dd75c8a6bfedafef9b70a0d9d0cb1465c294dcf4b8ef0813e39edd7b1cd562b4a51172e788747720bad5fc4a6779f4c5bc32
- SSDEEP
  
  12288:rNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTZ5qvD4yvtSgRxFn8EWb/l9TXQCM:MPGSY91VwNJcFMqTZeNDRWbdVXlM
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan