7fb1f5a57fa2fb6458c0aafe0954d823b1eb99425c8e6dbe5dec5450ffe853c9 | Triage

Sharing

General

Target

7fb1f5a57fa2fb6458c0aafe0954d823b1eb99425c8e6dbe5dec5450ffe853c9
Size

588KB
Sample

221201-2b89jsgc73
MD5

09efc3d6e2c61a91af40c7c88bb42344
SHA1

be3a2fd485059dc062f3fa05860823bdca1f242c
SHA256

7fb1f5a57fa2fb6458c0aafe0954d823b1eb99425c8e6dbe5dec5450ffe853c9
SHA512

62426b33687e42ca2117c0e74c7eb8a04ed53790946cb651fd8803855660ea129aa91ceee3916c49e2f577d307683a4f9fd89a7bb598daa801550488462a4b86
SSDEEP

12288:JGcbceSbVddTMdblcPd7USXYaC8LHnu2w4V5L:JGcbceSVddTElimcHS4VN

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  7fb1f5a57fa2fb6458c0aafe0954d823b1eb99425c8e6dbe5dec5450ffe853c9
- Size
  
  588KB
- MD5
  
  09efc3d6e2c61a91af40c7c88bb42344
- SHA1
  
  be3a2fd485059dc062f3fa05860823bdca1f242c
- SHA256
  
  7fb1f5a57fa2fb6458c0aafe0954d823b1eb99425c8e6dbe5dec5450ffe853c9
- SHA512
  
  62426b33687e42ca2117c0e74c7eb8a04ed53790946cb651fd8803855660ea129aa91ceee3916c49e2f577d307683a4f9fd89a7bb598daa801550488462a4b86
- SSDEEP
  
  12288:JGcbceSbVddTMdblcPd7USXYaC8LHnu2w4V5L:JGcbceSVddTElimcHS4VN
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2