a85609f7b367423127a8281ff4ec6e249ddfcccd391049ea001a095c5c771358 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba0b9f08fbf9dc456681650b54c60dc1ea766c6a
Size

436KB
Sample

230110-ck1lbscg8y
MD5

e395fa047edd7c23249f1089eca1fc1d
SHA1

ba0b9f08fbf9dc456681650b54c60dc1ea766c6a
SHA256

a85609f7b367423127a8281ff4ec6e249ddfcccd391049ea001a095c5c771358
SHA512

081470a32c7302e3579998a1800094d6fda67b1ab78b7439cd646604d13b09a1df52f6bfb4d6fee4da8cf458395ecad679be8fa8794873a432c025be03d02176
SSDEEP

6144:Z6pbDgfKqWV42Tzliljy+CGuWlxB95T42Xx76DSM+TykvmDZru5FX4W:ZsqK1V4uzliphPB95TmDS72ZYx

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ba0b9f08fbf9dc456681650b54c60dc1ea766c6a
- Size
  
  436KB
- MD5
  
  e395fa047edd7c23249f1089eca1fc1d
- SHA1
  
  ba0b9f08fbf9dc456681650b54c60dc1ea766c6a
- SHA256
  
  a85609f7b367423127a8281ff4ec6e249ddfcccd391049ea001a095c5c771358
- SHA512
  
  081470a32c7302e3579998a1800094d6fda67b1ab78b7439cd646604d13b09a1df52f6bfb4d6fee4da8cf458395ecad679be8fa8794873a432c025be03d02176
- SSDEEP
  
  6144:Z6pbDgfKqWV42Tzliljy+CGuWlxB95T42Xx76DSM+TykvmDZru5FX4W:ZsqK1V4uzliphPB95TmDS72ZYx
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2