a0080639a790aa78cbce52efcc0f411c0e9a7fb8013fdef03695b89fdc386ee6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0080639a790aa78cbce52efcc0f411c0e9a7fb8013fdef03695b89fdc386ee6
Size

396KB
Sample

221203-t1a42sfh32
MD5

989c11923dea636b41fc00c19b9d99b1
SHA1

e002f0238d69fdb1c7ca5533f174231f25ac71bd
SHA256

a0080639a790aa78cbce52efcc0f411c0e9a7fb8013fdef03695b89fdc386ee6
SHA512

15e730e4fbc46455f1513b68aac3b1a92c42338dbad121eb02b5cbca7262f9a3e2855dbab2caf2d5795327628f6335d29ff401a587e7aa03830cbdb973d63a71
SSDEEP

6144:9PHfV6IlMX5QDYgANBnj2THhatCWRhUVDC8iaclfcNg/E9:9PNY5QlCKTHh3W8VmBaclXE

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a0080639a790aa78cbce52efcc0f411c0e9a7fb8013fdef03695b89fdc386ee6
- Size
  
  396KB
- MD5
  
  989c11923dea636b41fc00c19b9d99b1
- SHA1
  
  e002f0238d69fdb1c7ca5533f174231f25ac71bd
- SHA256
  
  a0080639a790aa78cbce52efcc0f411c0e9a7fb8013fdef03695b89fdc386ee6
- SHA512
  
  15e730e4fbc46455f1513b68aac3b1a92c42338dbad121eb02b5cbca7262f9a3e2855dbab2caf2d5795327628f6335d29ff401a587e7aa03830cbdb973d63a71
- SSDEEP
  
  6144:9PHfV6IlMX5QDYgANBnj2THhatCWRhUVDC8iaclfcNg/E9:9PNY5QlCKTHh3W8VmBaclXE
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2