4a518453f026d13d58df0ed340cb4bd0a6fbf4d6c13aa292f1b8269eae259b61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b468dc08c796977499a5eaa36de2882c
Size

92KB
Sample

231222-rbed3aecgl
MD5

b468dc08c796977499a5eaa36de2882c
SHA1

c5de0c78dc4bd4c63a00725a78088aa4a9dbd5f1
SHA256

4a518453f026d13d58df0ed340cb4bd0a6fbf4d6c13aa292f1b8269eae259b61
SHA512

6974bef468b651da35879b0e416ec5fa89d94828eb2345de886a709bbc3c097e0f4cc74dd5f83369d91a955690efb2354ed9c6c09c486a6713a1f2dd16716f63
SSDEEP

1536:D7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfbx0QTEZ9sO3:fq6+ouCpk2mpcWJ0r+QNTBfb6QoZN

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  b468dc08c796977499a5eaa36de2882c
- Size
  
  92KB
- MD5
  
  b468dc08c796977499a5eaa36de2882c
- SHA1
  
  c5de0c78dc4bd4c63a00725a78088aa4a9dbd5f1
- SHA256
  
  4a518453f026d13d58df0ed340cb4bd0a6fbf4d6c13aa292f1b8269eae259b61
- SHA512
  
  6974bef468b651da35879b0e416ec5fa89d94828eb2345de886a709bbc3c097e0f4cc74dd5f83369d91a955690efb2354ed9c6c09c486a6713a1f2dd16716f63
- SSDEEP
  
  1536:D7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfbx0QTEZ9sO3:fq6+ouCpk2mpcWJ0r+QNTBfb6QoZN
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2