d0d2192d04da0b513c7e3f5d710ec2a9670c0c830651b6c4831cfd00d6880b90 | Triage

Sharing

General

Target

04fa298238fec9c8ac38d7b8ca7faa6a58290697
Size

436KB
Sample

230110-clk72ach2x
MD5

a4b64a7b57d4c42793e4123eb16f354c
SHA1

04fa298238fec9c8ac38d7b8ca7faa6a58290697
SHA256

d0d2192d04da0b513c7e3f5d710ec2a9670c0c830651b6c4831cfd00d6880b90
SHA512

02ad94e87d0fb0ab26ee6236f25145c85f7247cb74be46e78e579eb5c974ab83fca30b92a755b697695b7b3bf351e4c1462ce6d133c17e8ba0de31c576fa5ae0
SSDEEP

6144:r6pbDgfKqWV42Tzliljy+CGuWlxB95T42Xx76DSM+TykvmDZru5FX4Y:rsqK1V4uzliphPB95TmDS72ZYx

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  04fa298238fec9c8ac38d7b8ca7faa6a58290697
- Size
  
  436KB
- MD5
  
  a4b64a7b57d4c42793e4123eb16f354c
- SHA1
  
  04fa298238fec9c8ac38d7b8ca7faa6a58290697
- SHA256
  
  d0d2192d04da0b513c7e3f5d710ec2a9670c0c830651b6c4831cfd00d6880b90
- SHA512
  
  02ad94e87d0fb0ab26ee6236f25145c85f7247cb74be46e78e579eb5c974ab83fca30b92a755b697695b7b3bf351e4c1462ce6d133c17e8ba0de31c576fa5ae0
- SSDEEP
  
  6144:r6pbDgfKqWV42Tzliljy+CGuWlxB95T42Xx76DSM+TykvmDZru5FX4Y:rsqK1V4uzliphPB95TmDS72ZYx
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2