ddfdc7b50d58cf76b70a10195b2cd2c7d4d9fcca8951ac7f3c3eb9a43705c70c

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 03:35

Target

036859eaf6319855ea7fca6d81c28710.exe
Size

52KB
MD5

036859eaf6319855ea7fca6d81c28710
SHA1

5ad763a12262d0bd75e75435e29c68f5e2e2387a
SHA256

ddfdc7b50d58cf76b70a10195b2cd2c7d4d9fcca8951ac7f3c3eb9a43705c70c
SHA512

88adfdc2292655920da3401245014f65055f2eb894d8d8c9a067f28ca24878b99005357468193c0a97b530f0d846e899575e864ac82fd798d4e13e241f51f3b5
SSDEEP

768:NRAXertvheol6uDOVuDppjeVXEON2SwCtbnlC1egNfqeVVPlFK:MXuheolgyIXbcSwCzDeVRl

Score

10^/10

evasion trojan

UAC bypass 3 TTPs 1 IoCs

evasion trojan

Bypass User Account Control

Disable or Modify Tools

Modify Registry

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0"	036859eaf6319855ea7fca6d81c28710.exe

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0"	036859eaf6319855ea7fca6d81c28710.exe

System policy modification 1 TTPs 1 IoCs

evasion

Modify Registry

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0"	036859eaf6319855ea7fca6d81c28710.exe