137db243dc79daa660e1a08f37cfda68fc8987296af3607bf33f4486ef993bc4 | Triage

Sharing

General

Target

137db243dc79daa660e1a08f37cfda68fc8987296af3607bf33f4486ef993bc4
Size

108KB
Sample

221203-afdvnagd96
MD5

617c7245c41ab10c391f2f747f587a18
SHA1

25e7f398af3ec7147319f4ada1ccc43fe701f289
SHA256

137db243dc79daa660e1a08f37cfda68fc8987296af3607bf33f4486ef993bc4
SHA512

dae7e644f33758d88bafb23d1889659c5026feda73082cdab2376471a639f03be9e521dab0ea26d3e355ef5c868d41d494782f7c298820d2517e62ea3c705dae
SSDEEP

1536:E0iz5v3eWVL9eryv1oeWVLPCe6EO2KCZ27TDHGZWGQBh7:kuWVL4gWVLP4EO28mZWGQBh

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  137db243dc79daa660e1a08f37cfda68fc8987296af3607bf33f4486ef993bc4
- Size
  
  108KB
- MD5
  
  617c7245c41ab10c391f2f747f587a18
- SHA1
  
  25e7f398af3ec7147319f4ada1ccc43fe701f289
- SHA256
  
  137db243dc79daa660e1a08f37cfda68fc8987296af3607bf33f4486ef993bc4
- SHA512
  
  dae7e644f33758d88bafb23d1889659c5026feda73082cdab2376471a639f03be9e521dab0ea26d3e355ef5c868d41d494782f7c298820d2517e62ea3c705dae
- SSDEEP
  
  1536:E0iz5v3eWVL9eryv1oeWVLPCe6EO2KCZ27TDHGZWGQBh7:kuWVL4gWVLP4EO28mZWGQBh
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan