bc0b1bfabdc0243a68eb7b61c343255c4cd466601140652ae0d89985711995d8 | Triage

Sharing

General

Target

de8bdb60db53bfcaef01e07439e742ab860b1ce6
Size

408KB
Sample

230110-crz85shf35
MD5

6a4300995c4cc82e5a7df9b7ce7578d5
SHA1

de8bdb60db53bfcaef01e07439e742ab860b1ce6
SHA256

bc0b1bfabdc0243a68eb7b61c343255c4cd466601140652ae0d89985711995d8
SHA512

c971fa95c9692cd5c07dd43cbad62d932080fd33ed931a7f66a617f1bcf460ba87bd7ec3fd276d0fca18e5d1c18d89b46fc791ad3f2b02ae3426d4477bc383dd
SSDEEP

12288:1qyuF2dxmh6ZfYqAlSnshDkDJIxFunmcqOOi:esmhmdshk90umq3

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  de8bdb60db53bfcaef01e07439e742ab860b1ce6
- Size
  
  408KB
- MD5
  
  6a4300995c4cc82e5a7df9b7ce7578d5
- SHA1
  
  de8bdb60db53bfcaef01e07439e742ab860b1ce6
- SHA256
  
  bc0b1bfabdc0243a68eb7b61c343255c4cd466601140652ae0d89985711995d8
- SHA512
  
  c971fa95c9692cd5c07dd43cbad62d932080fd33ed931a7f66a617f1bcf460ba87bd7ec3fd276d0fca18e5d1c18d89b46fc791ad3f2b02ae3426d4477bc383dd
- SSDEEP
  
  12288:1qyuF2dxmh6ZfYqAlSnshDkDJIxFunmcqOOi:esmhmdshk90umq3
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2