93b4a78bb63c9ff71d52f66644566bf08da8a13a4a7c64ad85796a7bafe3ba54 | Triage

Sharing

General

Target

93b4a78bb63c9ff71d52f66644566bf08da8a13a4a7c64ad85796a7bafe3ba54
Size

434KB
Sample

231229-fssggaffg9
MD5

319848dbc3724d061e6e87384d919b34
SHA1

13ef19cca1bba224cade67d8f72a3df5470a7cf0
SHA256

93b4a78bb63c9ff71d52f66644566bf08da8a13a4a7c64ad85796a7bafe3ba54
SHA512

c9a0a6ab5857dcc91030ede32e2678fb243299f210bfe9476dc312eda9eb69acdb5d542fa64a4e3a3db459f30b1f96912e3a579c8d7e985374c1f89f41c78e9e
SSDEEP

12288:tJQkmUWMO/yA/sRYSSeJkddIAXraYCmFTK1hR5yf:twHHqA/BePAhCAO/n

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  93b4a78bb63c9ff71d52f66644566bf08da8a13a4a7c64ad85796a7bafe3ba54
- Size
  
  434KB
- MD5
  
  319848dbc3724d061e6e87384d919b34
- SHA1
  
  13ef19cca1bba224cade67d8f72a3df5470a7cf0
- SHA256
  
  93b4a78bb63c9ff71d52f66644566bf08da8a13a4a7c64ad85796a7bafe3ba54
- SHA512
  
  c9a0a6ab5857dcc91030ede32e2678fb243299f210bfe9476dc312eda9eb69acdb5d542fa64a4e3a3db459f30b1f96912e3a579c8d7e985374c1f89f41c78e9e
- SSDEEP
  
  12288:tJQkmUWMO/yA/sRYSSeJkddIAXraYCmFTK1hR5yf:twHHqA/BePAhCAO/n
Score

10^/10

evasion trojan
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2