bc796983c706135357d09eb3d1716153becea7e2896b31a82333fa964765dd43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc796983c706135357d09eb3d1716153becea7e2896b31a82333fa964765dd43
Size

364KB
Sample

221203-f2qn8scb6t
MD5

a5e66dcdf4ef57978403a33a8d032a9b
SHA1

bd771b9ca633bfa7f71e968fa1d23ca14b889931
SHA256

bc796983c706135357d09eb3d1716153becea7e2896b31a82333fa964765dd43
SHA512

6a356fdc304c90b14fbb28bb5bed81ffd6daa67830620c1090a8cf283bad334c3af88762a3e1fcb49f85bfe70b949a65e2fceff3fda2bc85d2b8164ec5b99181
SSDEEP

6144:pEgQMLM8nDdLa/h0+x1Mx6Ly9dyJ0TcFYLS8nCiopACPmgro:pEYI8nDdLa/h061N50IOuFio3r

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  bc796983c706135357d09eb3d1716153becea7e2896b31a82333fa964765dd43
- Size
  
  364KB
- MD5
  
  a5e66dcdf4ef57978403a33a8d032a9b
- SHA1
  
  bd771b9ca633bfa7f71e968fa1d23ca14b889931
- SHA256
  
  bc796983c706135357d09eb3d1716153becea7e2896b31a82333fa964765dd43
- SHA512
  
  6a356fdc304c90b14fbb28bb5bed81ffd6daa67830620c1090a8cf283bad334c3af88762a3e1fcb49f85bfe70b949a65e2fceff3fda2bc85d2b8164ec5b99181
- SSDEEP
  
  6144:pEgQMLM8nDdLa/h0+x1Mx6Ly9dyJ0TcFYLS8nCiopACPmgro:pEYI8nDdLa/h061N50IOuFio3r
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2