9d0ffde9c28deca17a860506ca2573832419e353bd858e9eed1df213495e8c00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d0ffde9c28deca17a860506ca2573832419e353bd858e9eed1df213495e8c00
Size

4.0MB
Sample

221207-ck3exseh45
MD5

51997a305d0199f44a1ee2385af84eb4
SHA1

8012614ee45345ae61255d10937402f931018441
SHA256

9d0ffde9c28deca17a860506ca2573832419e353bd858e9eed1df213495e8c00
SHA512

c069cf9481e013c7b64364a44c6c4b81371bc4303241275c302a63886b607bc990c4869be2c14f77984f1f92b7f52663681a95e62355e8e8c2ab95431343f5e3
SSDEEP

98304:d/Xp2Q0A1vh0xc/fHPCacHXkCNUY5HUZAlp84:5p3l1vh0y2H0Uh9

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  9d0ffde9c28deca17a860506ca2573832419e353bd858e9eed1df213495e8c00
- Size
  
  4.0MB
- MD5
  
  51997a305d0199f44a1ee2385af84eb4
- SHA1
  
  8012614ee45345ae61255d10937402f931018441
- SHA256
  
  9d0ffde9c28deca17a860506ca2573832419e353bd858e9eed1df213495e8c00
- SHA512
  
  c069cf9481e013c7b64364a44c6c4b81371bc4303241275c302a63886b607bc990c4869be2c14f77984f1f92b7f52663681a95e62355e8e8c2ab95431343f5e3
- SSDEEP
  
  98304:d/Xp2Q0A1vh0xc/fHPCacHXkCNUY5HUZAlp84:5p3l1vh0y2H0Uh9
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan