e19aeadd59da516567527cb6a0e2e2e9189b35f8a579c26028c899f7f163c581 | Triage

Sharing

General

Target

e19aeadd59da516567527cb6a0e2e2e9189b35f8a579c26028c899f7f163c581
Size

436KB
Sample

221201-t7eqtage27
MD5

d3036cf6818b92f0cec0eaa6bb65e7c1
SHA1

46162da8d0db9749818f17ec0281746514eb1eaa
SHA256

e19aeadd59da516567527cb6a0e2e2e9189b35f8a579c26028c899f7f163c581
SHA512

60b2ecebc0ce0955587923586540f50d36bd493c2296b19534643dd3603d323b72b4eaac22c68a2cb70e127c0687049d84929a993882bd7b9a590a4c6ea0b043
SSDEEP

12288:sb5wwTsPzUmKT0Jv5Bq/k7Y9ysILBP5guci/46:YTsLMTHp9ysILBK9a4

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  e19aeadd59da516567527cb6a0e2e2e9189b35f8a579c26028c899f7f163c581
- Size
  
  436KB
- MD5
  
  d3036cf6818b92f0cec0eaa6bb65e7c1
- SHA1
  
  46162da8d0db9749818f17ec0281746514eb1eaa
- SHA256
  
  e19aeadd59da516567527cb6a0e2e2e9189b35f8a579c26028c899f7f163c581
- SHA512
  
  60b2ecebc0ce0955587923586540f50d36bd493c2296b19534643dd3603d323b72b4eaac22c68a2cb70e127c0687049d84929a993882bd7b9a590a4c6ea0b043
- SSDEEP
  
  12288:sb5wwTsPzUmKT0Jv5Bq/k7Y9ysILBP5guci/46:YTsLMTHp9ysILBK9a4
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2