91d6fb97861d6b25d3c9ff9b75bc7c9a6c0c17d58a3bbc3cad3e2f743cb108bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91d6fb97861d6b25d3c9ff9b75bc7c9a6c0c17d58a3bbc3cad3e2f743cb108bf
Size

404KB
Sample

221202-z6bknaaa7x
MD5

135a8da38db94956bfea24a1ec45b032
SHA1

7da92aa479f587c2b2152dc79d67afed91cbbfe1
SHA256

91d6fb97861d6b25d3c9ff9b75bc7c9a6c0c17d58a3bbc3cad3e2f743cb108bf
SHA512

a6e3093ce350c1047f2d64b3f138bb55d52733e8c00bb093359644cf2db84e136aeca3e1a3c5693141354d83e8d654098b6e959031443b9898849a63039a40ef
SSDEEP

6144:3gWv7mJg46pihNTHDXxCyZ3uZUMNKWccN+SCJKE9ThH4gSomIl8Q:3Lv73sNTjYyZ3Kl1fCoMG7omIl

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  91d6fb97861d6b25d3c9ff9b75bc7c9a6c0c17d58a3bbc3cad3e2f743cb108bf
- Size
  
  404KB
- MD5
  
  135a8da38db94956bfea24a1ec45b032
- SHA1
  
  7da92aa479f587c2b2152dc79d67afed91cbbfe1
- SHA256
  
  91d6fb97861d6b25d3c9ff9b75bc7c9a6c0c17d58a3bbc3cad3e2f743cb108bf
- SHA512
  
  a6e3093ce350c1047f2d64b3f138bb55d52733e8c00bb093359644cf2db84e136aeca3e1a3c5693141354d83e8d654098b6e959031443b9898849a63039a40ef
- SSDEEP
  
  6144:3gWv7mJg46pihNTHDXxCyZ3uZUMNKWccN+SCJKE9ThH4gSomIl8Q:3Lv73sNTjYyZ3Kl1fCoMG7omIl
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2