e23037ecb840dfda2a494bf5237fa7c4213e32bb68c741e2006da188ef3defce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

690d4ba661f7b85c06f94b6677297a6e7e811229
Size

408KB
Sample

230110-c6gqcaac73
MD5

1f8f61cf97dfe76118fa0f0ee703efa1
SHA1

690d4ba661f7b85c06f94b6677297a6e7e811229
SHA256

e23037ecb840dfda2a494bf5237fa7c4213e32bb68c741e2006da188ef3defce
SHA512

0d6543545dc4721cd691eff138df7894c5e3323c220edef8528d34b4807dbaefcab620083c797585d05dee98f5156960bc8434176c95fae3dd255c7fcf380209
SSDEEP

6144:5uWsNR5NQv9YIcwZ2fxwpXYD/hf1qLE3LuCcwXTSFb5Fsn3P0C3AMgcjqAj2R6zv:A5NQUw42XYzhoobsT9FsMCQAj2K

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  690d4ba661f7b85c06f94b6677297a6e7e811229
- Size
  
  408KB
- MD5
  
  1f8f61cf97dfe76118fa0f0ee703efa1
- SHA1
  
  690d4ba661f7b85c06f94b6677297a6e7e811229
- SHA256
  
  e23037ecb840dfda2a494bf5237fa7c4213e32bb68c741e2006da188ef3defce
- SHA512
  
  0d6543545dc4721cd691eff138df7894c5e3323c220edef8528d34b4807dbaefcab620083c797585d05dee98f5156960bc8434176c95fae3dd255c7fcf380209
- SSDEEP
  
  6144:5uWsNR5NQv9YIcwZ2fxwpXYD/hf1qLE3LuCcwXTSFb5Fsn3P0C3AMgcjqAj2R6zv:A5NQUw42XYzhoobsT9FsMCQAj2K
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2