a6cf09187844803a240acfc1bd9e2d38fa4b245c2c468edd4cc1dc43d8bb9ad8 | Triage

Sharing

General

Target

a6cf09187844803a240acfc1bd9e2d38fa4b245c2c468edd4cc1dc43d8bb9ad8
Size

385KB
Sample

221202-z788baac3y
MD5

f4d6e15406bf6b72e6c593c88fc7a64d
SHA1

a6745b6106875e60078eb978e97f2176cd7577ad
SHA256

a6cf09187844803a240acfc1bd9e2d38fa4b245c2c468edd4cc1dc43d8bb9ad8
SHA512

141d4f82a911f71e683647e60b335b7b2dc77aceab3ff9a40505ab88a7fa4eab8f6b3ded8a370e0ade17060897a92eb37ddb2a68dc576e76568af5e40ebc9eaa
SSDEEP

6144:0+PcpCG0fJMHneMCDB6sEFu6XwydbyY9gHDtWGDSYAnLCI:w4G0fchCd+RXwycY9gkGTALb

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a6cf09187844803a240acfc1bd9e2d38fa4b245c2c468edd4cc1dc43d8bb9ad8
- Size
  
  385KB
- MD5
  
  f4d6e15406bf6b72e6c593c88fc7a64d
- SHA1
  
  a6745b6106875e60078eb978e97f2176cd7577ad
- SHA256
  
  a6cf09187844803a240acfc1bd9e2d38fa4b245c2c468edd4cc1dc43d8bb9ad8
- SHA512
  
  141d4f82a911f71e683647e60b335b7b2dc77aceab3ff9a40505ab88a7fa4eab8f6b3ded8a370e0ade17060897a92eb37ddb2a68dc576e76568af5e40ebc9eaa
- SSDEEP
  
  6144:0+PcpCG0fJMHneMCDB6sEFu6XwydbyY9gHDtWGDSYAnLCI:w4G0fchCd+RXwycY9gkGTALb
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2