f0c1d6a7a11c2f2cf6fde7bc6fbb3f6fb36993dd5edff0ce742c921f4d71b1c7 | Triage

Sharing

General

Target

33b075f2a623050beb3801cb0e6fbf28
Size

392KB
Sample

231225-wvpflacge5
MD5

33b075f2a623050beb3801cb0e6fbf28
SHA1

ec5a863ea341ebbef277d471a1fc0df1f0e29ebd
SHA256

f0c1d6a7a11c2f2cf6fde7bc6fbb3f6fb36993dd5edff0ce742c921f4d71b1c7
SHA512

35883cd615ac6ad1b51d6f9a9becfb85de8e14b9e52c62809975d13a4f8d660036ab5eed63cef6807ec0594429c3beab2aa6627a9047d272a74d051ed7d34f5a
SSDEEP

12288:10GGmLdw5YRXnFb4iiXJo/VqiGFIG2oNwjV8s:10GGEdwORVb4iiX2tzGyG2o0D

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  33b075f2a623050beb3801cb0e6fbf28
- Size
  
  392KB
- MD5
  
  33b075f2a623050beb3801cb0e6fbf28
- SHA1
  
  ec5a863ea341ebbef277d471a1fc0df1f0e29ebd
- SHA256
  
  f0c1d6a7a11c2f2cf6fde7bc6fbb3f6fb36993dd5edff0ce742c921f4d71b1c7
- SHA512
  
  35883cd615ac6ad1b51d6f9a9becfb85de8e14b9e52c62809975d13a4f8d660036ab5eed63cef6807ec0594429c3beab2aa6627a9047d272a74d051ed7d34f5a
- SSDEEP
  
  12288:10GGmLdw5YRXnFb4iiXJo/VqiGFIG2oNwjV8s:10GGEdwORVb4iiX2tzGyG2o0D
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2