d39f03657c4180d760f49506717dc4656a54a69af61a0df089f6abbd996cbb38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca120f157bf3b2458babd7b23babf927.bin
Size

448KB
Sample

230615-b81qkaed4w
MD5

13f9f41cf94b3054b16a1523667e2efd
SHA1

2492dd7a2e229021a963a2c9e20f585d6a981d94
SHA256

d39f03657c4180d760f49506717dc4656a54a69af61a0df089f6abbd996cbb38
SHA512

78fe68c2caf7937354cea2ee85e3e5751f6498fdc200f98012a8176ee1e76d13ed23d965eda9e004777830c5b93e00e6bb1bd1aaccc6d323ad517df3c980f6d1
SSDEEP

12288:LAthhyemwqu3HFdwn/Aj2eGUi0g/4+9FfaTIzOpaJghMOP0c:LAthwBwVld1IUi0cRaI8a22OP0c

Score

7^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  c6fc9524fec2a6e2d2954d11b67a4d86a3c4a5672f21c388b1ab555e6fd09888.exe
- Size
  
  912KB
- MD5
  
  d24b38a543bfbb715b93e9059a79ada5
- SHA1
  
  af4b41a4ddd99d866360160f755a5f55fc8f35f0
- SHA256
  
  c6fc9524fec2a6e2d2954d11b67a4d86a3c4a5672f21c388b1ab555e6fd09888
- SHA512
  
  abceb1d12fc00678b63d2439341e04bdee65952230ebd6ba674d9a9b8b6fccea04fed1e4b9f1c8f2064c944b7f5b8d71749a7b2b343923d335a8bd03b5eb3830
- SSDEEP
  
  12288:v+YE32Q8n9FgCBT4jh0rOcazvLbzTq4TYSyPKcaTuxfa:vvEwnfg04jgaXbzG4TYS8KcR
Score

7^/10

evasion persistence trojan
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan