876dff96f50de17149a160eb250f78932089cd01d0352161248df60e26d0e684 | Triage

Sharing

General

Target

876dff96f50de17149a160eb250f78932089cd01d0352161248df60e26d0e684
Size

1.4MB
Sample

221201-hk3ctadd72
MD5

891cf6553a7525479ec65633d7b76fc6
SHA1

024fc3eb2399ad8a40e43b7a3169badfaec42d2c
SHA256

876dff96f50de17149a160eb250f78932089cd01d0352161248df60e26d0e684
SHA512

86b1fa0c4d57bfa96c60ef2d594c094f7bce39ee448af07efd15231a266e24d0716f5a1f4b4b384054fc0026fdab7baa4a6bdd1b8a25427e905b44344c473631
SSDEEP

24576:eeE3yRC3qUr7iE8zRe/ycJUCv3OnFgG8bJsuB/rofzyi:c0aJx//pn+C5g

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  876dff96f50de17149a160eb250f78932089cd01d0352161248df60e26d0e684
- Size
  
  1.4MB
- MD5
  
  891cf6553a7525479ec65633d7b76fc6
- SHA1
  
  024fc3eb2399ad8a40e43b7a3169badfaec42d2c
- SHA256
  
  876dff96f50de17149a160eb250f78932089cd01d0352161248df60e26d0e684
- SHA512
  
  86b1fa0c4d57bfa96c60ef2d594c094f7bce39ee448af07efd15231a266e24d0716f5a1f4b4b384054fc0026fdab7baa4a6bdd1b8a25427e905b44344c473631
- SSDEEP
  
  24576:eeE3yRC3qUr7iE8zRe/ycJUCv3OnFgG8bJsuB/rofzyi:c0aJx//pn+C5g
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan