8f007d638065f6831615f229f161177b5ede8550af8d9ceeb3e6229ecd819722 | Triage

Sharing

General

Target

8f007d638065f6831615f229f161177b5ede8550af8d9ceeb3e6229ecd819722
Size

457KB
Sample

221201-bv5scscc34
MD5

162d25cda85c604e45f10b200759cf20
SHA1

8a08d965e145ab45da1f456575516d9ebff6cbf9
SHA256

8f007d638065f6831615f229f161177b5ede8550af8d9ceeb3e6229ecd819722
SHA512

5be787956c93fc43e79cf6a946ed70da1b359172cc43511805b00adea5d35c3d5461d0b8e1abe79abfa5c1411b8f79bc5e7e45edf795d4e39c1f34e1d05907d7
SSDEEP

12288:JOlfYa4QT1l/kmfWzcobv/5miqC48t5SS:JVQT1l5fWzXbnjSS

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  8f007d638065f6831615f229f161177b5ede8550af8d9ceeb3e6229ecd819722
- Size
  
  457KB
- MD5
  
  162d25cda85c604e45f10b200759cf20
- SHA1
  
  8a08d965e145ab45da1f456575516d9ebff6cbf9
- SHA256
  
  8f007d638065f6831615f229f161177b5ede8550af8d9ceeb3e6229ecd819722
- SHA512
  
  5be787956c93fc43e79cf6a946ed70da1b359172cc43511805b00adea5d35c3d5461d0b8e1abe79abfa5c1411b8f79bc5e7e45edf795d4e39c1f34e1d05907d7
- SSDEEP
  
  12288:JOlfYa4QT1l/kmfWzcobv/5miqC48t5SS:JVQT1l5fWzXbnjSS
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan