bfe75fdc9fe6b5de80cc18bd11f943b4d18172e37ddb6fc7170c8e9f126e2aab | Triage

Sharing

General

Target

bfe75fdc9fe6b5de80cc18bd11f943b4d18172e37ddb6fc7170c8e9f126e2aab
Size

631KB
Sample

221203-gnp18aae49
MD5

374a423ba5c64c7ac87a3bcf45ed672a
SHA1

fc0b1b41db5e5e2cf6e42a7e391d6054dbc219a1
SHA256

bfe75fdc9fe6b5de80cc18bd11f943b4d18172e37ddb6fc7170c8e9f126e2aab
SHA512

d9a96ef54a59f0e2f97240e923c914a2bc7a1f5f80242a8be6efd3b6769e11fcd06380fb66d487925c48277127d9bc95669101a690045de0183f43e38ac0c697
SSDEEP

12288:d/G4YqH5E4FFaWbrxTYWWcxBGKzqfy32mYL/4:d+4YW5Ey7rpmaA0qfP

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  bfe75fdc9fe6b5de80cc18bd11f943b4d18172e37ddb6fc7170c8e9f126e2aab
- Size
  
  631KB
- MD5
  
  374a423ba5c64c7ac87a3bcf45ed672a
- SHA1
  
  fc0b1b41db5e5e2cf6e42a7e391d6054dbc219a1
- SHA256
  
  bfe75fdc9fe6b5de80cc18bd11f943b4d18172e37ddb6fc7170c8e9f126e2aab
- SHA512
  
  d9a96ef54a59f0e2f97240e923c914a2bc7a1f5f80242a8be6efd3b6769e11fcd06380fb66d487925c48277127d9bc95669101a690045de0183f43e38ac0c697
- SSDEEP
  
  12288:d/G4YqH5E4FFaWbrxTYWWcxBGKzqfy32mYL/4:d+4YW5Ey7rpmaA0qfP
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan