f5f286e3d56f33d8a8cec43121bf618b152e6bafba86dac960a1aec76d244d68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5f286e3d56f33d8a8cec43121bf618b152e6bafba86dac960a1aec76d244d68
Size

469KB
Sample

221203-c8wx2sgf83
MD5

4711238e2f2c302b4660091a5033ba3c
SHA1

32404b57448558a1ffd3b705cbe9e5bbabc3f01d
SHA256

f5f286e3d56f33d8a8cec43121bf618b152e6bafba86dac960a1aec76d244d68
SHA512

5ba103e6dbdaa4ad8303e817a1b3bed77e4f24d80f8e463e4a7190570b86975dd0502f2e0ed040a6945e427a9cb9349f57c81ca4cf26ddba97b631410328f8be
SSDEEP

6144:cbUaqRarmDMra6LNpmvn9rQxMrnVUexfefL7gwwwUFeoB/wW2CC5Xse0l9ow3G:cYacaZzL09XVUCgLAT72we0lGw2

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  f5f286e3d56f33d8a8cec43121bf618b152e6bafba86dac960a1aec76d244d68
- Size
  
  469KB
- MD5
  
  4711238e2f2c302b4660091a5033ba3c
- SHA1
  
  32404b57448558a1ffd3b705cbe9e5bbabc3f01d
- SHA256
  
  f5f286e3d56f33d8a8cec43121bf618b152e6bafba86dac960a1aec76d244d68
- SHA512
  
  5ba103e6dbdaa4ad8303e817a1b3bed77e4f24d80f8e463e4a7190570b86975dd0502f2e0ed040a6945e427a9cb9349f57c81ca4cf26ddba97b631410328f8be
- SSDEEP
  
  6144:cbUaqRarmDMra6LNpmvn9rQxMrnVUexfefL7gwwwUFeoB/wW2CC5Xse0l9ow3G:cYacaZzL09XVUCgLAT72we0lGw2
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2