ee8c2530ea7cd43891debb067b952f35e62a4db23458d69283faf2696c77ab19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee8c2530ea7cd43891debb067b952f35e62a4db23458d69283faf2696c77ab19
Size

453KB
Sample

221204-pejf3sge74
MD5

fbe889db0f3ce306828d5080dba5f093
SHA1

8eb4025b3107ba043e852c805954e19c781977bf
SHA256

ee8c2530ea7cd43891debb067b952f35e62a4db23458d69283faf2696c77ab19
SHA512

9e04e639b3708e1e8e43427026c8480d1fe91eb5d75b434808246e2a9df424fbdf052b206bb259f9b4c352a37f3b2f6b03a8da424e2d1581ca332c755c969006
SSDEEP

12288:b/ZD4b55K7gvvr4sE7l3XWEZLorcjks/3fl5JF67cOn7qp:b+5w3zZ8rcksPf67cuq

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ee8c2530ea7cd43891debb067b952f35e62a4db23458d69283faf2696c77ab19
- Size
  
  453KB
- MD5
  
  fbe889db0f3ce306828d5080dba5f093
- SHA1
  
  8eb4025b3107ba043e852c805954e19c781977bf
- SHA256
  
  ee8c2530ea7cd43891debb067b952f35e62a4db23458d69283faf2696c77ab19
- SHA512
  
  9e04e639b3708e1e8e43427026c8480d1fe91eb5d75b434808246e2a9df424fbdf052b206bb259f9b4c352a37f3b2f6b03a8da424e2d1581ca332c755c969006
- SSDEEP
  
  12288:b/ZD4b55K7gvvr4sE7l3XWEZLorcjks/3fl5JF67cOn7qp:b+5w3zZ8rcksPf67cuq
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan