a37aaf1000af165ec336f9b8b15b486e1b82f47b141ce10ff9fa3bee0efdd631 | Triage

Sharing

General

Target

a37aaf1000af165ec336f9b8b15b486e1b82f47b141ce10ff9fa3bee0efdd631
Size

412KB
Sample

221127-t2ajxabh25
MD5

d6701c2672f7cac9090c6f23959f2489
SHA1

96ac984b64be0395e03c45cdf84a721259a5e912
SHA256

a37aaf1000af165ec336f9b8b15b486e1b82f47b141ce10ff9fa3bee0efdd631
SHA512

88cab9e077f2e14e600b8e3b4f7090e5fbd64f72492c7d6ff4e8b92a5fded4f71619cd9d63b49c69a8e06b7fc8d097c6f405a71b31416b8cfb8e80fd9301f926
SSDEEP

6144:5xq9Ut3WUminJE540fC5i4E+c6ZlXeexFucpZe+hf/GXBfc4Z/uMpinX:5xEErmsO54ACaMxk6nGxfcUu3nX

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a37aaf1000af165ec336f9b8b15b486e1b82f47b141ce10ff9fa3bee0efdd631
- Size
  
  412KB
- MD5
  
  d6701c2672f7cac9090c6f23959f2489
- SHA1
  
  96ac984b64be0395e03c45cdf84a721259a5e912
- SHA256
  
  a37aaf1000af165ec336f9b8b15b486e1b82f47b141ce10ff9fa3bee0efdd631
- SHA512
  
  88cab9e077f2e14e600b8e3b4f7090e5fbd64f72492c7d6ff4e8b92a5fded4f71619cd9d63b49c69a8e06b7fc8d097c6f405a71b31416b8cfb8e80fd9301f926
- SSDEEP
  
  6144:5xq9Ut3WUminJE540fC5i4E+c6ZlXeexFucpZe+hf/GXBfc4Z/uMpinX:5xEErmsO54ACaMxk6nGxfcUu3nX
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2