a2f545b253f420507fb5303e10bc54e44d29223076197a4b8075c75765b7a569 | Triage

Sharing

General

Target

a2f545b253f420507fb5303e10bc54e44d29223076197a4b8075c75765b7a569
Size

560KB
Sample

221203-trg61afb33
MD5

4d83dd0f75827ca352f12a302f7b49a6
SHA1

380bec86df75bff0522bc2653f338747f836b086
SHA256

a2f545b253f420507fb5303e10bc54e44d29223076197a4b8075c75765b7a569
SHA512

ef8efa584549bb3cd3a477210f7fb720e3b3808d3ba50549c9396100312c72cd397f4a0a5c75bbdaa2a06e595c3b271d5bb727caae3ae58bd133ad773eaa7bea
SSDEEP

12288:nHa68eXeJgw2r6s5eDl0X5vBfqJmA2QIVu:nHa68eXej2H5Q8JBEmA2Z

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  a2f545b253f420507fb5303e10bc54e44d29223076197a4b8075c75765b7a569
- Size
  
  560KB
- MD5
  
  4d83dd0f75827ca352f12a302f7b49a6
- SHA1
  
  380bec86df75bff0522bc2653f338747f836b086
- SHA256
  
  a2f545b253f420507fb5303e10bc54e44d29223076197a4b8075c75765b7a569
- SHA512
  
  ef8efa584549bb3cd3a477210f7fb720e3b3808d3ba50549c9396100312c72cd397f4a0a5c75bbdaa2a06e595c3b271d5bb727caae3ae58bd133ad773eaa7bea
- SSDEEP
  
  12288:nHa68eXeJgw2r6s5eDl0X5vBfqJmA2QIVu:nHa68eXej2H5Q8JBEmA2Z
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2