95a7ad84f7123ae9763fab872bedfe3664fdf55c8b394a09605ee08a4e32f25f | Triage

Sharing

General

Target

95a7ad84f7123ae9763fab872bedfe3664fdf55c8b394a09605ee08a4e32f25f
Size

663KB
Sample

221125-yaq5ssae34
MD5

bcb844e1cb9f61ffdb26c3776c4627c6
SHA1

979aaea528ca96e71edcfde5a1172156ba401a2d
SHA256

95a7ad84f7123ae9763fab872bedfe3664fdf55c8b394a09605ee08a4e32f25f
SHA512

38e36d7062e6e4480c0380dd5f39045091b860b24c2d4b32fa3c2ac5d3b8c024eb4f0109cd0daf4631d46ddb9073faa8eee2af161bbfaf0ff0ff7431d4c5d4d9
SSDEEP

12288:qNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTHb/l9TXQCb:XPGSY91VwNJcFMqTHbdVXlb

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  95a7ad84f7123ae9763fab872bedfe3664fdf55c8b394a09605ee08a4e32f25f
- Size
  
  663KB
- MD5
  
  bcb844e1cb9f61ffdb26c3776c4627c6
- SHA1
  
  979aaea528ca96e71edcfde5a1172156ba401a2d
- SHA256
  
  95a7ad84f7123ae9763fab872bedfe3664fdf55c8b394a09605ee08a4e32f25f
- SHA512
  
  38e36d7062e6e4480c0380dd5f39045091b860b24c2d4b32fa3c2ac5d3b8c024eb4f0109cd0daf4631d46ddb9073faa8eee2af161bbfaf0ff0ff7431d4c5d4d9
- SSDEEP
  
  12288:qNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTHb/l9TXQCb:XPGSY91VwNJcFMqTHbdVXlb
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan