7bf3feb406ea177ec3e23207aca828fe63a9be17b1dbc351a9c40473fa8fd3fa | Triage

Sharing

General

Target

7bf3feb406ea177ec3e23207aca828fe63a9be17b1dbc351a9c40473fa8fd3fa
Size

400KB
Sample

221127-xbeygsab93
MD5

6e386a0c4203472b75511ab7c831a42c
SHA1

ec1b31d9cbca75169936f4ecccf1c838e07b6b6a
SHA256

7bf3feb406ea177ec3e23207aca828fe63a9be17b1dbc351a9c40473fa8fd3fa
SHA512

2b37f9b43b65bc21a6b906162e20ac7771a7c161ca390b2e185a8971e20029cb20c46d36217bacd57c8974c3afe1896e43837b71ef8c1b873debe1ff9462f5d1
SSDEEP

6144:dgrjuvSjs7jWG89nXQHH8ZvvnxKGebHk8bSZq5ytf1d1NkwIaGWCUEFdHyxsu:d9qSG8KvkGebHkkSZq5mf5NxIaGJdHb

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  7bf3feb406ea177ec3e23207aca828fe63a9be17b1dbc351a9c40473fa8fd3fa
- Size
  
  400KB
- MD5
  
  6e386a0c4203472b75511ab7c831a42c
- SHA1
  
  ec1b31d9cbca75169936f4ecccf1c838e07b6b6a
- SHA256
  
  7bf3feb406ea177ec3e23207aca828fe63a9be17b1dbc351a9c40473fa8fd3fa
- SHA512
  
  2b37f9b43b65bc21a6b906162e20ac7771a7c161ca390b2e185a8971e20029cb20c46d36217bacd57c8974c3afe1896e43837b71ef8c1b873debe1ff9462f5d1
- SSDEEP
  
  6144:dgrjuvSjs7jWG89nXQHH8ZvvnxKGebHk8bSZq5ytf1d1NkwIaGWCUEFdHyxsu:d9qSG8KvkGebHkkSZq5mf5NxIaGJdHb
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2