bf853dd35c10b1b4f1624cf911138dc8659ec7e9d716190e5f0c87677ffa4f23 | Triage

Sharing

General

Target

bf853dd35c10b1b4f1624cf911138dc8659ec7e9d716190e5f0c87677ffa4f23
Size

404KB
Sample

221203-f1maesgg44
MD5

9ef0e0be96b219336a05ca88cd74c7ef
SHA1

c4be719445a4689334beb59c2a067f764806b8d0
SHA256

bf853dd35c10b1b4f1624cf911138dc8659ec7e9d716190e5f0c87677ffa4f23
SHA512

0c92a2964404ef774f09b27c2cca9acbd7bb96fd40625b2a67c920d235caa824fdeaf82d2b682fe524c61f08ce8136a6cab567f6a5ec04c1206bcff67d3c0465
SSDEEP

12288:otle3hGEXde2QOS2S6Kg6UtiQ+u2ljdJ4GOCwMC8Jw:ulGhGENRAlMgK6jdgp82

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  bf853dd35c10b1b4f1624cf911138dc8659ec7e9d716190e5f0c87677ffa4f23
- Size
  
  404KB
- MD5
  
  9ef0e0be96b219336a05ca88cd74c7ef
- SHA1
  
  c4be719445a4689334beb59c2a067f764806b8d0
- SHA256
  
  bf853dd35c10b1b4f1624cf911138dc8659ec7e9d716190e5f0c87677ffa4f23
- SHA512
  
  0c92a2964404ef774f09b27c2cca9acbd7bb96fd40625b2a67c920d235caa824fdeaf82d2b682fe524c61f08ce8136a6cab567f6a5ec04c1206bcff67d3c0465
- SSDEEP
  
  12288:otle3hGEXde2QOS2S6Kg6UtiQ+u2ljdJ4GOCwMC8Jw:ulGhGENRAlMgK6jdgp82
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2