784ba1f8e503688dfb18ae1c71c8f29696815ce0d70ed9137d2fb7fedba9b1fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

784ba1f8e503688dfb18ae1c71c8f29696815ce0d70ed9137d2fb7fedba9b1fd
Size

448KB
Sample

221201-dcppjagh33
MD5

3193570588398f26e54537cd1d20a6ba
SHA1

2a9c07ed8ce9e3e0582d5911ee7c92a17765dc93
SHA256

784ba1f8e503688dfb18ae1c71c8f29696815ce0d70ed9137d2fb7fedba9b1fd
SHA512

ddc2a2933c84e62bc82567fcb480f72bebb7c72d2f139dd4924545cd5aa7ea7696c183f0274886c0c404dbec18b206b7bd263fbc6cf7229ba442c5e457cc6329
SSDEEP

12288:uZaYtmkATBnMa6YIOFm5Wr6diyPXtOBIst:aaYtmkATBnl6pA40uG

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  784ba1f8e503688dfb18ae1c71c8f29696815ce0d70ed9137d2fb7fedba9b1fd
- Size
  
  448KB
- MD5
  
  3193570588398f26e54537cd1d20a6ba
- SHA1
  
  2a9c07ed8ce9e3e0582d5911ee7c92a17765dc93
- SHA256
  
  784ba1f8e503688dfb18ae1c71c8f29696815ce0d70ed9137d2fb7fedba9b1fd
- SHA512
  
  ddc2a2933c84e62bc82567fcb480f72bebb7c72d2f139dd4924545cd5aa7ea7696c183f0274886c0c404dbec18b206b7bd263fbc6cf7229ba442c5e457cc6329
- SSDEEP
  
  12288:uZaYtmkATBnMa6YIOFm5Wr6diyPXtOBIst:aaYtmkATBnl6pA40uG
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2