39b572e8313127d40d47554425fe262ac7c8c05f261b24a76f27ef893d13304c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39b572e8313127d40d47554425fe262ac7c8c05f261b24a76f27ef893d13304c
Size

424KB
Sample

221127-gq87wadh73
MD5

0b623c3fb2288d366e772a2346f56b20
SHA1

ff6589f97ef41dcafc0f926754ddb288477810ea
SHA256

39b572e8313127d40d47554425fe262ac7c8c05f261b24a76f27ef893d13304c
SHA512

35c9b2a429b6bac4d644ef97ed4418f181ddd891e057e632df33baaae8f0806f5133c58ab6458bbe32fc4b4ca61316acb191c9bb3b558f50c2104705d36ea3c7
SSDEEP

12288:5Eztr1t9ZlCB6GJF8OFmBvJqDxOpLfHo:ctr39ZlCzcBvADaf

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  39b572e8313127d40d47554425fe262ac7c8c05f261b24a76f27ef893d13304c
- Size
  
  424KB
- MD5
  
  0b623c3fb2288d366e772a2346f56b20
- SHA1
  
  ff6589f97ef41dcafc0f926754ddb288477810ea
- SHA256
  
  39b572e8313127d40d47554425fe262ac7c8c05f261b24a76f27ef893d13304c
- SHA512
  
  35c9b2a429b6bac4d644ef97ed4418f181ddd891e057e632df33baaae8f0806f5133c58ab6458bbe32fc4b4ca61316acb191c9bb3b558f50c2104705d36ea3c7
- SSDEEP
  
  12288:5Eztr1t9ZlCB6GJF8OFmBvJqDxOpLfHo:ctr39ZlCzcBvADaf
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2