88a022c1e21bf8233d7fefe56cf1170cba797efddcb71e081165ce5a0eeda35e | Triage

Sharing

General

Target

88a022c1e21bf8233d7fefe56cf1170cba797efddcb71e081165ce5a0eeda35e
Size

685KB
Sample

221125-yarrbsdd9y
MD5

381d233126462a31d4ef95f0c9a16f32
SHA1

e2caacbe2a32abbb99a494672a01416c39e24d22
SHA256

88a022c1e21bf8233d7fefe56cf1170cba797efddcb71e081165ce5a0eeda35e
SHA512

70b21747e17b8f041238849a70360c301b16822bcd12bfa0345573c6f7167d8c29481b12bd21cd2c3d3ea1036ca05931bcbdb4013b0807f35b86ae04aef43d3b
SSDEEP

12288:zNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTJI6Hjr6Fj7b/l9TXQCa:UPGSY91VwNJcFMqT2Wri7bdVXla

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  88a022c1e21bf8233d7fefe56cf1170cba797efddcb71e081165ce5a0eeda35e
- Size
  
  685KB
- MD5
  
  381d233126462a31d4ef95f0c9a16f32
- SHA1
  
  e2caacbe2a32abbb99a494672a01416c39e24d22
- SHA256
  
  88a022c1e21bf8233d7fefe56cf1170cba797efddcb71e081165ce5a0eeda35e
- SHA512
  
  70b21747e17b8f041238849a70360c301b16822bcd12bfa0345573c6f7167d8c29481b12bd21cd2c3d3ea1036ca05931bcbdb4013b0807f35b86ae04aef43d3b
- SSDEEP
  
  12288:zNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfTJI6Hjr6Fj7b/l9TXQCa:UPGSY91VwNJcFMqT2Wri7bdVXla
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan