9165ea62a1ea1f9ec77a2e06b82234c5e3c522de77e5c59cbd727a02504e24e2 | Triage

Sharing

General

Target

9165ea62a1ea1f9ec77a2e06b82234c5e3c522de77e5c59cbd727a02504e24e2
Size

1.7MB
Sample

221127-t3w5asca28
MD5

a2a72e2c035a71e2042f584e7b992a9c
SHA1

28f8366e3251647fc7d4d720a96c6dd6af5c38d4
SHA256

9165ea62a1ea1f9ec77a2e06b82234c5e3c522de77e5c59cbd727a02504e24e2
SHA512

43795be52ef8b2426e17d4eec077b3a86eb47f6218e63f8b8b6fde24c25eb27f2a36b89b8387cfc354dd28a02a443c450ed15b9526261cb44fed52f228b2a888
SSDEEP

24576:tQEDaAt7kVQr1uqMCh0cMRXrVJuP2N57fmzm5ftFzAh3/m8dsm+6nCodKZot+wF5:da2jYQ+fD8l+PKyVnVU

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  9165ea62a1ea1f9ec77a2e06b82234c5e3c522de77e5c59cbd727a02504e24e2
- Size
  
  1.7MB
- MD5
  
  a2a72e2c035a71e2042f584e7b992a9c
- SHA1
  
  28f8366e3251647fc7d4d720a96c6dd6af5c38d4
- SHA256
  
  9165ea62a1ea1f9ec77a2e06b82234c5e3c522de77e5c59cbd727a02504e24e2
- SHA512
  
  43795be52ef8b2426e17d4eec077b3a86eb47f6218e63f8b8b6fde24c25eb27f2a36b89b8387cfc354dd28a02a443c450ed15b9526261cb44fed52f228b2a888
- SSDEEP
  
  24576:tQEDaAt7kVQr1uqMCh0cMRXrVJuP2N57fmzm5ftFzAh3/m8dsm+6nCodKZot+wF5:da2jYQ+fD8l+PKyVnVU
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan