8175dba693e36e6b96883cfe51efa4bd0cd38796898b604a4684ea33a4962907 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8175dba693e36e6b96883cfe51efa4bd0cd38796898b604a4684ea33a4962907
Size

372KB
Sample

221201-17lbxsfg83
MD5

dd705aff1dd7d65f1bb3f862b9b82faa
SHA1

58e8d8052c0a6bc8cdf6632eab5fb241d5b61f13
SHA256

8175dba693e36e6b96883cfe51efa4bd0cd38796898b604a4684ea33a4962907
SHA512

d8a9702586d2136ad3ceb1901d2be5313a9af39ae709793b0bf59c92e6dd756cb0a94c3cf04604d3776433c751d5e643f2e2422ec0ee1e2f5abdf8073c173c3d
SSDEEP

6144:7ozjRZreLaw8nmQWueyVgt/HcF06LiXShLfwys10lpzhhclNxyvM:7ozjneF8m4ewS/HcF+ih7wp10l1h+Txd

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  8175dba693e36e6b96883cfe51efa4bd0cd38796898b604a4684ea33a4962907
- Size
  
  372KB
- MD5
  
  dd705aff1dd7d65f1bb3f862b9b82faa
- SHA1
  
  58e8d8052c0a6bc8cdf6632eab5fb241d5b61f13
- SHA256
  
  8175dba693e36e6b96883cfe51efa4bd0cd38796898b604a4684ea33a4962907
- SHA512
  
  d8a9702586d2136ad3ceb1901d2be5313a9af39ae709793b0bf59c92e6dd756cb0a94c3cf04604d3776433c751d5e643f2e2422ec0ee1e2f5abdf8073c173c3d
- SSDEEP
  
  6144:7ozjRZreLaw8nmQWueyVgt/HcF06LiXShLfwys10lpzhhclNxyvM:7ozjneF8m4ewS/HcF+ih7wp10l1h+Txd
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2