9194255ff10d3d6f30eab4c3278cea7180974ccb56886c2a4627d259c985a9af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

654dd4aab2f64a026e4ec3e1a1c0f2db2ef79210
Size

408KB
Sample

230110-dayjnaea2w
MD5

9cbb63b0bb2acc9f33c86087c2c5c511
SHA1

654dd4aab2f64a026e4ec3e1a1c0f2db2ef79210
SHA256

9194255ff10d3d6f30eab4c3278cea7180974ccb56886c2a4627d259c985a9af
SHA512

f8094fbcc66ecf250b651b0fdc5c2af67d58c6611f306cfa59886f2a372cf43aad30f13561f8725537cd5633c78a1d51a83035341a8b6537582e3e3fbf2cf336
SSDEEP

12288:xnTydH621pXQoBK/xcMizi1FbRohgJ+T:xTydbpzBKmtinbCeJY

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  654dd4aab2f64a026e4ec3e1a1c0f2db2ef79210
- Size
  
  408KB
- MD5
  
  9cbb63b0bb2acc9f33c86087c2c5c511
- SHA1
  
  654dd4aab2f64a026e4ec3e1a1c0f2db2ef79210
- SHA256
  
  9194255ff10d3d6f30eab4c3278cea7180974ccb56886c2a4627d259c985a9af
- SHA512
  
  f8094fbcc66ecf250b651b0fdc5c2af67d58c6611f306cfa59886f2a372cf43aad30f13561f8725537cd5633c78a1d51a83035341a8b6537582e3e3fbf2cf336
- SSDEEP
  
  12288:xnTydH621pXQoBK/xcMizi1FbRohgJ+T:xTydbpzBKmtinbCeJY
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2