588d8720e71dcb9208decba81a3e1f4ed76c12025965ea4562d123e849ebf99a | Triage

Sharing

General

Target

ad84d83e881b0f1811d2b203acfa50a5bcaed780
Size

408KB
Sample

230110-cr4xbshf42
MD5

a5e1e6d7dff4e5c3fd4a946e79f351a6
SHA1

ad84d83e881b0f1811d2b203acfa50a5bcaed780
SHA256

588d8720e71dcb9208decba81a3e1f4ed76c12025965ea4562d123e849ebf99a
SHA512

fdf88f6861aa0c431de1a0260d8e09c0738726835957f784d25d094979947feb317f3560e01777ce9b660d7c201399a188ddd43888d89b9496f80aadf48d98e3
SSDEEP

6144:wIuMZiP895+62p3PdadxO7qfdJl0XGTD18itanG1g8OkCI1mnqGxE4Ed:whVIn0MxOOVJyX6h8itV1ypwmn9xE4I

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ad84d83e881b0f1811d2b203acfa50a5bcaed780
- Size
  
  408KB
- MD5
  
  a5e1e6d7dff4e5c3fd4a946e79f351a6
- SHA1
  
  ad84d83e881b0f1811d2b203acfa50a5bcaed780
- SHA256
  
  588d8720e71dcb9208decba81a3e1f4ed76c12025965ea4562d123e849ebf99a
- SHA512
  
  fdf88f6861aa0c431de1a0260d8e09c0738726835957f784d25d094979947feb317f3560e01777ce9b660d7c201399a188ddd43888d89b9496f80aadf48d98e3
- SSDEEP
  
  6144:wIuMZiP895+62p3PdadxO7qfdJl0XGTD18itanG1g8OkCI1mnqGxE4Ed:whVIn0MxOOVJyX6h8itV1ypwmn9xE4I
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2