c49910e470bb2a0e50aa9e3250ca65266f54d593274dcff04fd26b6b80236a9e | Triage

Sharing

General

Target

bb387d9b991e8e470fc5d772612547bc4eda7bba
Size

408KB
Sample

230110-b5kvyagf65
MD5

2929a4b377dfc0c8f212fe1fde873f88
SHA1

bb387d9b991e8e470fc5d772612547bc4eda7bba
SHA256

c49910e470bb2a0e50aa9e3250ca65266f54d593274dcff04fd26b6b80236a9e
SHA512

c89970b3d982e45a21fa2671983e651d84c717cc4f52634b2a02a6a7009758fb270f1649752c9a37bb5788560ce14a32c2d06e797ceec24d86492da52484b28e
SSDEEP

6144:WO4I15cZh+rz9YlKPPZ1QRjsDcQZQjHvL9vifEQrv37FR2KNUBUHqJDQAvDho:Cdjco6ZCR4cZjD9viHFiB/nh

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  bb387d9b991e8e470fc5d772612547bc4eda7bba
- Size
  
  408KB
- MD5
  
  2929a4b377dfc0c8f212fe1fde873f88
- SHA1
  
  bb387d9b991e8e470fc5d772612547bc4eda7bba
- SHA256
  
  c49910e470bb2a0e50aa9e3250ca65266f54d593274dcff04fd26b6b80236a9e
- SHA512
  
  c89970b3d982e45a21fa2671983e651d84c717cc4f52634b2a02a6a7009758fb270f1649752c9a37bb5788560ce14a32c2d06e797ceec24d86492da52484b28e
- SSDEEP
  
  6144:WO4I15cZh+rz9YlKPPZ1QRjsDcQZQjHvL9vifEQrv37FR2KNUBUHqJDQAvDho:Cdjco6ZCR4cZjD9viHFiB/nh
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2