b8b706357cc6aab4c1ba20b87a7ea2203fa2e8bd35a3488a789e183db78788ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8b706357cc6aab4c1ba20b87a7ea2203fa2e8bd35a3488a789e183db78788ea
Size

584KB
Sample

221203-rwvlsach3s
MD5

b2eedf03d2177d8c8fc7b60109980f23
SHA1

a97083fc1a8cfbdfe53ef05668330205f604dccf
SHA256

b8b706357cc6aab4c1ba20b87a7ea2203fa2e8bd35a3488a789e183db78788ea
SHA512

f816d266fa5d9946b904187c5d0f5b1f4ebdf4357fddf6886603d8a59b59c1f424203d3bfaadb03380e6e245d0d58e9e59b95f282b4e450c4c03a5fcae3fd33c
SSDEEP

12288:teeBRhojLOtMdblcPd7USXYaC8LHnu2w4V5Li:teORhojLOtElimcHS4VN

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  b8b706357cc6aab4c1ba20b87a7ea2203fa2e8bd35a3488a789e183db78788ea
- Size
  
  584KB
- MD5
  
  b2eedf03d2177d8c8fc7b60109980f23
- SHA1
  
  a97083fc1a8cfbdfe53ef05668330205f604dccf
- SHA256
  
  b8b706357cc6aab4c1ba20b87a7ea2203fa2e8bd35a3488a789e183db78788ea
- SHA512
  
  f816d266fa5d9946b904187c5d0f5b1f4ebdf4357fddf6886603d8a59b59c1f424203d3bfaadb03380e6e245d0d58e9e59b95f282b4e450c4c03a5fcae3fd33c
- SSDEEP
  
  12288:teeBRhojLOtMdblcPd7USXYaC8LHnu2w4V5Li:teORhojLOtElimcHS4VN
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2