ad97b92b8ebc8ba0181a2199fccfa83f6f7ecb4535c66c442d6f34b70ceccf98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad97b92b8ebc8ba0181a2199fccfa83f6f7ecb4535c66c442d6f34b70ceccf98
Size

454KB
Sample

221203-sv2t5scc75
MD5

68649a2b3027cf388daf6a4ef82b5b85
SHA1

d4674263bb7b608801ec4a9d38b35a35819bb2cb
SHA256

ad97b92b8ebc8ba0181a2199fccfa83f6f7ecb4535c66c442d6f34b70ceccf98
SHA512

2f11d844b7d87d904487b6eedafe0839335f3753c53ddb96bc596d2afed744ca781aba67fc067bb0e281670edca3b70f5ab007c6e092e9fa958236e54047b749
SSDEEP

12288:LttmvGGtxbxykVCYr5fb4ZngG5TcaCrKESWxQ36:LtPGXbxlCylkZn1caCrKxWxQq

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ad97b92b8ebc8ba0181a2199fccfa83f6f7ecb4535c66c442d6f34b70ceccf98
- Size
  
  454KB
- MD5
  
  68649a2b3027cf388daf6a4ef82b5b85
- SHA1
  
  d4674263bb7b608801ec4a9d38b35a35819bb2cb
- SHA256
  
  ad97b92b8ebc8ba0181a2199fccfa83f6f7ecb4535c66c442d6f34b70ceccf98
- SHA512
  
  2f11d844b7d87d904487b6eedafe0839335f3753c53ddb96bc596d2afed744ca781aba67fc067bb0e281670edca3b70f5ab007c6e092e9fa958236e54047b749
- SSDEEP
  
  12288:LttmvGGtxbxykVCYr5fb4ZngG5TcaCrKESWxQ36:LtPGXbxlCylkZn1caCrKxWxQq
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2