f44e7ce4bb98c001c0edd3206944b6c6b0fcadd154c40209a3ac7ae143105a1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f44e7ce4bb98c001c0edd3206944b6c6b0fcadd154c40209a3ac7ae143105a1a
Size

648KB
Sample

221206-rm1rfahf9v
MD5

e270fb9c39ccd9cbb136a54a312da77d
SHA1

ef5b248f77f20e72100eadcb9e08a34380e1cb34
SHA256

f44e7ce4bb98c001c0edd3206944b6c6b0fcadd154c40209a3ac7ae143105a1a
SHA512

818fe61c16db049eb6babc1d527510beadce14362d4c363e25b04961ae28792bc1abeab061578e712cb99518687dec3ec1357066d7b683970b97500078a0fdca
SSDEEP

12288:Dyiuvqki8e+xwr04aA6XtlXyUIOr7He1/EyYJJp4coUGSz1AR+L:tutmawAA6XtqS7HecJWi9

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  f44e7ce4bb98c001c0edd3206944b6c6b0fcadd154c40209a3ac7ae143105a1a
- Size
  
  648KB
- MD5
  
  e270fb9c39ccd9cbb136a54a312da77d
- SHA1
  
  ef5b248f77f20e72100eadcb9e08a34380e1cb34
- SHA256
  
  f44e7ce4bb98c001c0edd3206944b6c6b0fcadd154c40209a3ac7ae143105a1a
- SHA512
  
  818fe61c16db049eb6babc1d527510beadce14362d4c363e25b04961ae28792bc1abeab061578e712cb99518687dec3ec1357066d7b683970b97500078a0fdca
- SSDEEP
  
  12288:Dyiuvqki8e+xwr04aA6XtlXyUIOr7He1/EyYJJp4coUGSz1AR+L:tutmawAA6XtqS7HecJWi9
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan