7970a6deeb9f2615a2e39640967347bf120aed8b249765b1c6f98dc5de646027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feb34ccce821add5326f235bf1b03b4ab60c8c8f
Size

420KB
Sample

230110-ck95rshc97
MD5

516fcf9ccf239fd282d906a0817f9129
SHA1

feb34ccce821add5326f235bf1b03b4ab60c8c8f
SHA256

7970a6deeb9f2615a2e39640967347bf120aed8b249765b1c6f98dc5de646027
SHA512

efe265f159b75b799fc20cd91412622e4ecf27a96d0e542fe4357fbb720f240ddd355c8880e82fbe0e15113d6445442091eb945954017a9d07f0950bceb7f7b6
SSDEEP

12288:RJSSF/FxvZyT6zpVJ6yrX0kx0JcgU3UI1gI:rrZywEc0ygUEP

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  feb34ccce821add5326f235bf1b03b4ab60c8c8f
- Size
  
  420KB
- MD5
  
  516fcf9ccf239fd282d906a0817f9129
- SHA1
  
  feb34ccce821add5326f235bf1b03b4ab60c8c8f
- SHA256
  
  7970a6deeb9f2615a2e39640967347bf120aed8b249765b1c6f98dc5de646027
- SHA512
  
  efe265f159b75b799fc20cd91412622e4ecf27a96d0e542fe4357fbb720f240ddd355c8880e82fbe0e15113d6445442091eb945954017a9d07f0950bceb7f7b6
- SSDEEP
  
  12288:RJSSF/FxvZyT6zpVJ6yrX0kx0JcgU3UI1gI:rrZywEc0ygUEP
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2