4d706c183e08956438bb1dbda96ef4e2e4e1dc58f3fbcfb000d77233ed313f2f | Triage

Sharing

General

Target

31f7204b6a8d63dd79172a44d37e7141426222b3
Size

393KB
Sample

230110-cmw1xsch61
MD5

5b500d8b8a33c8581bd2dc90761a6a74
SHA1

31f7204b6a8d63dd79172a44d37e7141426222b3
SHA256

4d706c183e08956438bb1dbda96ef4e2e4e1dc58f3fbcfb000d77233ed313f2f
SHA512

4b852b0fe9d9f66c0f224957c7114a6e8dd0c1495b957d72e364c3f2e8c893196512546a65909624f0a0389fbd0778a61715e6c337a5a44d17d2363e1ffab443
SSDEEP

12288:UyJY9pdmxwRWwcVGzWd0f6nZU4hZo8ydktttttttttttttDD9UM:UyJOfWwWGzUrbOYDz

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  31f7204b6a8d63dd79172a44d37e7141426222b3
- Size
  
  393KB
- MD5
  
  5b500d8b8a33c8581bd2dc90761a6a74
- SHA1
  
  31f7204b6a8d63dd79172a44d37e7141426222b3
- SHA256
  
  4d706c183e08956438bb1dbda96ef4e2e4e1dc58f3fbcfb000d77233ed313f2f
- SHA512
  
  4b852b0fe9d9f66c0f224957c7114a6e8dd0c1495b957d72e364c3f2e8c893196512546a65909624f0a0389fbd0778a61715e6c337a5a44d17d2363e1ffab443
- SSDEEP
  
  12288:UyJY9pdmxwRWwcVGzWd0f6nZU4hZo8ydktttttttttttttDD9UM:UyJOfWwWGzUrbOYDz
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2