1815b759d38a375feefdf6cb071629b1e8e7911707a4c35ffef02fadcce135ea | Triage

Sharing

General

Target

1815b759d38a375feefdf6cb071629b1e8e7911707a4c35ffef02fadcce135ea
Size

208KB
Sample

231114-lsw3jsag8t
MD5

4e9ed87752048910fd4e5bdc56cfde01
SHA1

2f746a27af5b31e271bc53473b49e79432d79e8b
SHA256

1815b759d38a375feefdf6cb071629b1e8e7911707a4c35ffef02fadcce135ea
SHA512

910c60f59a462bc1131e327365b473624098fbc0b2c3a01eb9e80c257953ec8a70150abad6f4c288c4de2cdd538c8d06fdeb6f113c067865fe556a02f3b80194
SSDEEP

3072:+PZUfec8k/HoSVHN3Tj0h0ylmb1QKGJc3kYcAdm/6oG1yVzJ4OjFcTse699sWWij:wZU9rHCjYxtGTYsTG1yVz4Z4sWxj

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  stager.chm
- Size
  
  215KB
- MD5
  
  f7175168cef18a6a30722d40424e3e60
- SHA1
  
  1895b257c271f8b582a321e18790c5487e5f1b9f
- SHA256
  
  238b585f1b49eca8b4342a626e4480d8754bbbd75fcf8ac7307ff3cf642812e5
- SHA512
  
  32cb9b717c387eb97229d37d0ee14896980d31fef77c517494c8e468909a4cc207d35343f2cd76eee8af4c989b3c1c9b948606299310adc7cf8cd86d8e01c2f9
- SSDEEP
  
  3072:rTDyc8klHgSnHNVTj0h0qlmD1QKoJc3kKcAVm/6iG1yjfJuOjF8Tse69RsWni1Pv:rTDXhHc1YJtoTKUPG1yjf6ZysWiJ
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2