ec4b59a754b608284186c75ba7ac78e4217025b9727dcc6cc6c90080514454c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b96d6368bf6fdbadd6e6f67b23fc1cf
Size

393KB
Sample

231226-hyq7psadfn
MD5

5b96d6368bf6fdbadd6e6f67b23fc1cf
SHA1

6c4bba16eeb19a3e5ea1818d17a794f6ae45453c
SHA256

ec4b59a754b608284186c75ba7ac78e4217025b9727dcc6cc6c90080514454c5
SHA512

f87debfb26d6a553eb071264c67817f0e6398be96ed9e6929e0ebb509cb01ecc348960299c2ffc2d8d7a0822864ad1c71a334a92ce56bfcbf3cafd5f9ef201cb
SSDEEP

6144:sC1rUeNULfjGQXr8sQwJ8RdCCKoryzWz0cSxhIC/aulYcJeNsrFS/Zt3Zu73sDVo:trvULyjQorymC/aWYuosit3ZasV8P

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  5b96d6368bf6fdbadd6e6f67b23fc1cf
- Size
  
  393KB
- MD5
  
  5b96d6368bf6fdbadd6e6f67b23fc1cf
- SHA1
  
  6c4bba16eeb19a3e5ea1818d17a794f6ae45453c
- SHA256
  
  ec4b59a754b608284186c75ba7ac78e4217025b9727dcc6cc6c90080514454c5
- SHA512
  
  f87debfb26d6a553eb071264c67817f0e6398be96ed9e6929e0ebb509cb01ecc348960299c2ffc2d8d7a0822864ad1c71a334a92ce56bfcbf3cafd5f9ef201cb
- SSDEEP
  
  6144:sC1rUeNULfjGQXr8sQwJ8RdCCKoryzWz0cSxhIC/aulYcJeNsrFS/Zt3Zu73sDVo:trvULyjQorymC/aWYuosit3ZasV8P
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2