798b99c735da86a91e50c779ed1d9e219dcf407797717f377dbbe87e5c9554fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

798b99c735da86a91e50c779ed1d9e219dcf407797717f377dbbe87e5c9554fe
Size

548KB
Sample

221205-qqz4msdf84
MD5

32398225d16ab4e57c9c1130bbcb8971
SHA1

7f3082f1b0e75b9f27e44dce9e0a46d2fcd73fa7
SHA256

798b99c735da86a91e50c779ed1d9e219dcf407797717f377dbbe87e5c9554fe
SHA512

deea5e3acb5aca7cdbd5127ea8bcc8bc4bd6b6706c3c563dc07b02185952e845ad26508b94d906f72270d517c4fb83b21b79bbe9100e6c3892c3640f848022a3
SSDEEP

12288:kBD6nX4LCFAexBj16LlLXy4/RfpUz1vn:WW4miuJ16LI4/8hn

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  798b99c735da86a91e50c779ed1d9e219dcf407797717f377dbbe87e5c9554fe
- Size
  
  548KB
- MD5
  
  32398225d16ab4e57c9c1130bbcb8971
- SHA1
  
  7f3082f1b0e75b9f27e44dce9e0a46d2fcd73fa7
- SHA256
  
  798b99c735da86a91e50c779ed1d9e219dcf407797717f377dbbe87e5c9554fe
- SHA512
  
  deea5e3acb5aca7cdbd5127ea8bcc8bc4bd6b6706c3c563dc07b02185952e845ad26508b94d906f72270d517c4fb83b21b79bbe9100e6c3892c3640f848022a3
- SSDEEP
  
  12288:kBD6nX4LCFAexBj16LlLXy4/RfpUz1vn:WW4miuJ16LI4/8hn
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2