07438ad409858828bc775cb973e14fe02cff3276be12d48528f80a87b9ef6e38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feeffe77097a3c41eb76e581bc938c4d52ed279d
Size

408KB
Sample

230110-daa4csdh8w
MD5

af2bb2d6beabaf2f50c28043337c81ca
SHA1

feeffe77097a3c41eb76e581bc938c4d52ed279d
SHA256

07438ad409858828bc775cb973e14fe02cff3276be12d48528f80a87b9ef6e38
SHA512

87d3be1ac2b406f16c42bdbdaf1da0b00379ee8a11b11e10aa7100cf70612a6f6ab620dda3a44bec95d440d8dbadf4a0c1e980422e53aac3a264c0982309b1af
SSDEEP

6144:6/N13cUXNuMTv9YBVlmJqxAAVBpF1DHADpDA2sB17mneENVdkksFBsEz109KdMG8:IftdxT3cA6D6nFNVWdFB909Kd1Kzzy2

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  feeffe77097a3c41eb76e581bc938c4d52ed279d
- Size
  
  408KB
- MD5
  
  af2bb2d6beabaf2f50c28043337c81ca
- SHA1
  
  feeffe77097a3c41eb76e581bc938c4d52ed279d
- SHA256
  
  07438ad409858828bc775cb973e14fe02cff3276be12d48528f80a87b9ef6e38
- SHA512
  
  87d3be1ac2b406f16c42bdbdaf1da0b00379ee8a11b11e10aa7100cf70612a6f6ab620dda3a44bec95d440d8dbadf4a0c1e980422e53aac3a264c0982309b1af
- SSDEEP
  
  6144:6/N13cUXNuMTv9YBVlmJqxAAVBpF1DHADpDA2sB17mneENVdkksFBsEz109KdMG8:IftdxT3cA6D6nFNVWdFB909Kd1Kzzy2
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2