4f73be8c88b7845a5eeab9e12020625fabfbe8ee550072cfe73890211ac2aeeb | Triage

Sharing

General

Target

4f73be8c88b7845a5eeab9e12020625fabfbe8ee550072cfe73890211ac2aeeb
Size

204KB
Sample

221126-kzmxsaff73
MD5

b3e99f211982c41bbc11fa7cfb8d26f4
SHA1

4ff0c8603056873474d6ff69dc37717139bd9f00
SHA256

4f73be8c88b7845a5eeab9e12020625fabfbe8ee550072cfe73890211ac2aeeb
SHA512

455adde2f288e89d63696eb29b409333c721f8d00485cef307778756c00b476ebae7953c6b95180d5ff00febd577cc2da78eae8b4b161c0de9be36406e1fcc6b
SSDEEP

3072:ITlKkgQXXKLCE2G/EDCpQUMrr5fbTB+1uFazZ19TLYQXXKLCE2G/EDCpQUMrr5fc:pB3t2G/fur5x+1uFazv9vY3t2G/fur5k

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  4f73be8c88b7845a5eeab9e12020625fabfbe8ee550072cfe73890211ac2aeeb
- Size
  
  204KB
- MD5
  
  b3e99f211982c41bbc11fa7cfb8d26f4
- SHA1
  
  4ff0c8603056873474d6ff69dc37717139bd9f00
- SHA256
  
  4f73be8c88b7845a5eeab9e12020625fabfbe8ee550072cfe73890211ac2aeeb
- SHA512
  
  455adde2f288e89d63696eb29b409333c721f8d00485cef307778756c00b476ebae7953c6b95180d5ff00febd577cc2da78eae8b4b161c0de9be36406e1fcc6b
- SSDEEP
  
  3072:ITlKkgQXXKLCE2G/EDCpQUMrr5fbTB+1uFazZ19TLYQXXKLCE2G/EDCpQUMrr5fc:pB3t2G/fur5x+1uFazv9vY3t2G/fur5k
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan